Foscam IP Camera Vulnerability

Cisco Talos disclosed a vulnerability found in the Foscam C1 Indoor HD Camera, a network-based camera commonly used as a home security monitoring device. Successful exploitation of the vulnerability CVE-2017-2871 could allow a threat actor to gain complete control of the device through an unsecured Trivial File Transfer Protocol (TFTP) server used for firmware updates. A threat actor can leverage these TFTP servers to perform a custom firmware upgrade on the device without authenticating. US-CERT recently published an advisory on state-sponsored cyber actors targeting similar networking infrastructure devices and how they are using TFTP to discover information about these devices. The NJCCIC recommends users and administrators of Foscam products review the Cisco Talos report for more information and visit the Foscam support page to update the firmware of affected Foscam cameras as soon as possible. Users are encouraged to keep firmware for all IoT devices updated with the latest patches.