{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-04-10T19:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7648", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/archive/1/540388/30/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:12:27.705Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7648", "datePublished": "2017-04-10T19:00:00.000Z", "dateReserved": "2017-04-10T00:00:00.000Z", "dateUpdated": "2024-09-16T20:02:45.142Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:foscam:c1:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7389DE9-CA20-4C78-8995-283B62F1EFF5", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:c1_lite:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E397A2B-A359-47F7-8511-46C9A4AB6138", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:c2:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CD4E331-F8EC-4101-9CC2-024F45091F88", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9800xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "C61FCA92-292C-4727-8202-CC9C8CD81135", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9826p:*:*:*:*:*:*:*:*", "matchCriteriaId": "F594F134-C17D-4F36-8CA3-989BA1B593AF", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9828p:*:*:*:*:*:*:*:*", "matchCriteriaId": "43490AF6-018A-4ADA-854E-BF39DD88E4F4", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9851p:*:*:*:*:*:*:*:*", "matchCriteriaId": "39B496E3-56E0-4231-B4EB-5EB515637C37", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9853ep:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DABEEE8-9E5C-49A9-A2EC-D9E2968161B0", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9901ep:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC1DF418-B1A9-46B6-91DD-C2C440016573", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9903p:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FBE30F1-F107-46D8-8B60-AE8A515CD566", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:fi9928p:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BF0BB89-28F3-404B-BFBC-5DBAF4043721", "vulnerable": true}, {"criteria": "cpe:2.3:h:foscam:r2:*:*:*:*:*:*:*:*", "matchCriteriaId": "329EDF7D-0031-430B-9B86-2092CAAAA0B5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation."}, {"lang": "es", "value": "Los dispositivos en red de Foscam usan la misma clave privada SSL codificada en las diferentes instalaciones de los clientes, lo que permite a los atacantes remotos derrotar los mecanismos de protecci\u00f3n criptogr\u00e1fica aprovechando el conocimiento de esta clave desde otra instalaci\u00f3n."}], "id": "CVE-2017-7648", "lastModified": "2026-05-13T00:24:29.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-10T19:59:00.297", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540388/30/0/threaded"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}