CVE-2013-2574
published 2020-01-29


Priority: P2 · 62 · high
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EXPLOIT
EPSS: 29.59% (98.0th percentile)
An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.

Detection & IOCs (extracted from sources)

path: /tmpfs/config_backup.bin
path: /tmpfs/config_restore.bin
path: /tmpfs/ddns.conf
path: /tmpfs/syslog.txt
path: /log/syslog.txt
filename: config_backup.bin
  • Monitor HTTP server logs for unauthenticated GET requests targeting the paths /tmpfs/ and /log/ on FOSCAM FI8620 devices, which require no authentication and expose sensitive files.
  • The config_backup.bin file is only present if an operator/administrator has previously executed the backup process; exploitation of that specific path is conditional on this prior action.
  • Other Foscam devices sharing the same firmware as the FI8620 may also be affected but were not confirmed tested.
  • No official patch was provided by the vendor; no non-vulnerable firmware version is confirmed.

CVSS provenance

nvd · v3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:N