Foscam C1 IP Camera FTP Hard Coded Password

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote host is running an FTP server that is using a hard-coded

Description :

Nessus was able to log in to the remote FTP server, using the
username 'r' with the password 'r', and identify the remote server as
a vulnerable Foscam C1 IP Camera. A remote attacker can exploit this
to access its FTP service and the mounted Micro-SD card.

See also :

Solution :

Update to firmware version V-2.x.2.43 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 101547 ()

Bugtraq ID: 99193

CVE ID: CVE-2016-8731

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now