Embedthis : Security Vulnerabilities, CVEs, (Information Leak)
A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - note the lack of "/" in the path field of the request) request that will disclose the configuration file with the login password.
Max CVSS
9.8
EPSS Score
7.65%
Published
2017-03-13
Updated
2017-03-15
1 vulnerabilities found