CVE-2014-1911

high

Published 2014-03-06 · Modified 2026-05-06

CVSS v3

—

CVSS v2

7.8

VIR risk

7.8

Description

The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cret@cert.org — http://foscam.us/forum/mjpeg-54-firmware-bug-user-logon-bypass-t8442.html

References

http://foscam.us/forum/mjpeg-54-firmware-bug-user-logon-bypass-t8442.html
http://www.kb.cert.org/vuls/id/525132
http://foscam.us/forum/mjpeg-54-firmware-bug-user-logon-bypass-t8442.html
http://www.kb.cert.org/vuls/id/525132

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.