Cisco Talos researcher Claudio Bozzato found a number of vulnerabilities in popular HD-cameras for internal video surveillance Foscam C1, ranging from information disclosure to remote code execution. Problems affect devices with firmware version 2. 52. 43.

The DDNS client used by cameras contains four buffer overflow vulnerabilities that allow remote execution of the code. For their operation, the attacker should be able to send a malicious payload in response to the HTTP requests received from the device. "An attacker capable of intercepting an HTTP connection can completely compromise a device with activated DDNS using a dummy HTTP server," the relevant security notice says..

Due to insufficient security checks during the recovery process, a vulnerability occurs that allows you to download and install an unsigned firmware image on the device. Another disadvantage in security scanning allows an unauthorized attacker to reset user accounts to factory ones using a specially crafted request through port 10001.

Cisco Talos in due course notified the manufacturer of the vulnerabilities in its products in July 2017. According to Cisco Talos, the manufacturer has already released a patch, however, judging by its official site, the new firmware version was released in June.

DDNS (Dynamic DNS) is a technology that allows information on the DNS server to be updated in real time and optionally in automatic mode. It is used to assign a permanent domain name to a device (computer, network drive) with a dynamic IP address.