CVEs-PoC/2017/CVE-2017-2879.md

### [CVE-2017-2879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2879)
![](https://img.shields.io/static/v1?label=Product&message=Foscam%20C1%20Indoor%20HD%20Camera&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Foscam%20Indoor%20IP%20Camera%20C1%20Series%2CSystem%20Firmware%20Version%3A%201.9.3.18%2CApplication%20Firmware%20Version%3A%202.52.2.43%2CPlug-In%20Version%3A%203.3.0.26%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Overflow&color=brightgreen)

### Description

An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability.

### POC

#### Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0386

#### Github
No PoCs found on GitHub currently.