Foscam home security issued an update for its home security systems after researchers found several vulnerabilities which if combined, could allow an attacker to gain root access to the cameras (via LAN or internet.
VDOO's security research team spotted an arbitrary file deletion vulnerability (CVE-2018-6830), a stack-based buffer overflow vulnerability (CVE-2018-6832), and a shell command injection vulnerability (CVE-2018-6831), according to a June 6 blog post.
The threat actors first need to obtain the camera's IP address or DNS name, then use the arbitrary file deletion vulnerability, to delete certain critical files that will result in authentication bypass when the webService process reloads.
They must then crash the webService process by exploiting the stack-based buffer overflow vulnerability in the webService process and finally execute root commands by exploiting the shell command injection vulnerability.
The vulnerabilities have yet to be exploited in the wild however, researchers are urging users to update as soon as possible.
