Reprise du message précédent :
Bonjour,
 
Suite à une lentille défectueuse sur une foscam 9820 (acheté en juin 2012), je suis en litige avec casabill ... Le problème leur a été signalé en décembre 2012. Un technicien a bien constaté le problème et le service devait faire remonter à FOSCAM.  
Pb, toujours pas de réponse!  
Quelqu'un a -t-il déjà eu ce type de problème avec casabill

@koudcid
 
look here for latest firmware
http://foscam.com/down3.aspx
 
For your camera 11.37.xxx the latest is 11.37.2.49  
I think this one correct the security problem
 
But for 11.22.xx branch they didn't  made any upgrade and we are exposed to hacking ... :-(
 

 
Super !
 
Merci beaucoup

 
Please be aware that while 11.37.2.49 does fix the security issue about gaining access to your IP camera configuration data without the need to logon to the IP camera. It does NOT resolve or fix the OTHER security issue where an Operator User level Id can still access this information.
 
This becomes very important if you allow others to use an Operator User Id with your IP camera. Because they can still gain access to your IP cameras configuration data.
 
You can find more information about this second security exploit, on page 17, in the .pdf document located here:
 
http://www.openipcam.com/forum/ind [...] ml#msg2839
 
AFAIK. None of the MJPEG based IP cameras, have a security fix firmware release, for the Operator User Id level security exploit, yet. As it was found after the first security exploit was found, documented and firmware was created to fix it, in some cases.
 
Additionally. I worry that the hardware versions of MJPEG based IP cameras that are as an example using firmware versions 11.22.*.* or lower, might not ever be updated to resolve these security exploits. Since they are older hardware versions of IP camera models, they may never be patched and fixed for both of these security issues. Since most likely, all warranties have expired for those hardware versions of these IP camera models.
 
I say this because the system firmware, for virtually ALL MJPEG based IP cameras was created and supported by a 3rd party. Each time requests are made to modify system firmware, the IP camera suppliers must pay for these modifications. Some may feel, that since the warranty has expired for some IP camera models or hardware versions of those IP camera models. That it's cheaper to NOT do the system firmware modifications required to fix these two security exploits. Much like a Microsoft and XP, End-Of-Life scenario. But a much shorter time period, in this case.
 
Don

Ok Don,
 
Thank you very much for the precision. I will update the firmware for the first issue, for the second, I have no operator level user, so ... not a problem for the moment.
 
have a nice day

Bonjour a tous, je vient de faire l'acquisition de la foscam F18918W en wifi, maintenant que c'est fait serait il possible de faire un enregistrement en continue.

Bonjour,
Je viens d’acquérir une FI9821W qui enregistre sur carte SD.  
J'aimerais savoir si il existe une appli iPhone qui permette de les gérer (au moins les visionner).
 
 
Merci,
 
Nik0

Bonjour,
 
J'ai acheté cette caméra ip d'extérieure il y à 1 an : http://www.yonis-shop.com/camera-i [...] 02401.html
 
et l'antenne wifi s'est cassé, j'ai trouvé ceci sur ebay : http://www.ebay.fr/itm/Antenne-WiF [...] 20cf6c592b
 
Est ce que ça sera compatible avec ma caméra ip ?
 
Merci

Hmm... Foscam and all becomes more problematic ...!   I also own FI1904 and FI 8918 "old style" so no firmware update available. I will delete asap the "operator" access but the other exploit is still valid (I've made the test with .../kcore and it works ! Just with workpad, you can found the admin login and password in clear).
 
One solution would be to restrict access to a short list of IP (but what when you don't have a fixed IP ?)  
I guess the definitive solution would be to only access cams through a VPN but it means :
 
- accessing only from your computer
- no access from your Iphone...  

 
It's important to note that these exploits for MJPEG based IP cameras are NOT confined to Foscam IP cameras only. Many other MJPEG based IP camera brands and models, including clones, also are exposed to these exploits.
 
More here: http://forum.hardware.fr/hfr/Hardw [...] tm#t733067
 
Don

 
Hi Don
Yes that's right. But it's very sad that, even a brand like Foscam, doesn't support their products more than 2 or 3 years. The principle today is more and more "sell it and forget"...
 
That said, a hacker should know your exact IP and port before using this exploit isn'it ? If your domain name is not too explicit (avoid domain names containing "cam", "webcam", "axis", "foscam" etc...) it may be not so easy to find it (even with shodanHQ) ?  
And finally, what do you think about VPN solution ?
 

 
I wish it were true that it is complicated to find these IP cameras. But, the truth is it's not.
 
The issue is that these IP cameras have a common base firmware. That ALL use specific text in their HTTP headers, not dependent on Brand, Model, Clone or Knockoff. That can be easily located. Because this text is located in the HTTP headers of these IP cameras when communicating with these IP cameras. Domain names cannot help hide them nor can Domain names offer any protection of complicating how to locate them.
 
Example:  
 

 
Using search sites like http://shodanhq.com and the search term without the double quotes "Netwave IP Camera" allows one to find tens of thousands of these IP cameras easily. One can also save the results and build lists to be sold to others. Which makes things much worse.
 
Example: http://www.shodanhq.com/search?q=Netwave+IP+Camera
 
As of this date. 253,209 of these IP Cameras can be found. That potentially are exposed to these exploits. Just using the one search above.
 
As of this date. Just using the search above alone. One can find this many IP Cameras, in these countries alone. That potentially are exposed to these exploits in these countries:
 
Top Countries
Germany 61,023  
France 33,561  
United States 32,929  
Italy 13,630  
China 11,115
 
Even Worse. Any DDNS names supplied by IP camera sellers. Can also be used in search terms to build lists as well. Making it even easier to locate IP cameras by Brand, Clone or Knockoff. As you can see. One can even filter results by country location and many more criteria.
 
Some Examples
Foscam *.myfoscam.org
EasyN *.ipcam.hk
Apexis *.aipcam.com
Wansview *.nwsvrl.com
 
Just to name a few.
 
So, as you can see. Between the specific HTTP headers used by these IP cameras and/or the DDNS supplied for these IP cameras. Makes it very easy for hackers to build lists of potential IP Cameras to test for vulnerabilities and basically build scripts or tools that can process these lists in a very automated way. Using very little human intervention. Once IP Cameras are identified using these automated methods. It simply using the list output produced, by these methods. To quickly and easily exploit thousands of IP cameras at a time, if desired.
 
I go into some details here. On how public this information has become worldwide here and even showing that tools are being and have been built to do these things already. So this is NOT a fantasy. This is not something to worry about in the future. This is happening NOW and won't be getting better anytime soon as more and more people publish methods and tools in the future:
 
http://www.openipcam.com/forum/ind [...] 534.0.html
 
It's important to note that once tools like the above link shows are in the public domain. This makes it much easier for those who really have little programming knowledge or even much if any knowledge about IP cameras. To simply use and operate these tools to become one more of many attempting to exploit these IP cameras.  
 
Example. One does not need to know how to build a car, to be able to drive a car!
 
Don

Thank you Don for all these detailed explanations. I had seen already your posts on iopenipcam but have now a wider picture.
It's very clear...and unfortunate ! Anf for sure not a fantasy.
 
The question now is "what can we do to ensure privacy AND security " ...?

You are very welcome.
 
I can only suggest informing your IP Camera seller. Many of the IP Cameras exposed to these exploits are still under warranty. So, the IP Cameras exposed to these exploits are not all older IP Camera models past their warranties.
 
Sadly. Many IP Camera sellers have verbiage in their warranties, that may exclude issues with firmware.
 
Example: This is the current Foscam Warranty information:
 
"This limited hardware warranty does not cover:  
 
Software, including the software added to the products through our factory-integration system, software that included in the CD,etc"
 
From: http://www.foscam.com/help3.aspx
 
In any case. I would push the issue with your IP Camera seller. If you find your IP Cameras exposed to these exploits. Requesting new firmware, since new firmware is the only solution to resolve these current exploits.
 
Don

@ Don
 
Absolutely true ! Actually, they will never maintain firmware and security for their "obsolete" products (this means more than 3 years old) .
 
Here is the answer from FOSCAM support   :  
"The camera with the old version had stopped producing for more than two years.
You do not need to worry about the security if you protect the domain name, the administrator user and the password well.  
Do not tell someone else those information and do not spread those information on the internet. At the same time, change the password regularly.
Sorry for the inconvenience to you."
 
It's like a dream ! (rather a nightmare) CChhhhhhuuuttt...! don't wake up the good consumer ! He may refrain from buying other creepy products from us !!  
 
I think I have no solution but to keep the cameras inside a private network by VPN.  
But it sucks !  

 
Sad.
 
It's my belief. That whoever responded to you. Is "obviously" not aware of the two different exploits currently in the wild, for these IP Cameras. If they were. You can assume, that the answer would have been different.
 
Yes. In a situation where you cannot get new firmware. A VPN would be a very good second choice, if you intend to expose your IP Cameras to be accessed remotely.
 
Don

 
Yes. It 'll be OK for remote and safe (I hope) administration . But I'll loose the ability of distant access from anywhere and especially from my Iphone.
Or is there any other way to explore ?    

Unfortunately no. The Firmware actually has a directory structure where files are maintained. Which is located in the cameras memory instead of using a hard-drive or SD card to do the same. Much like your Computer has directories and files. It's because of this. That an actual firmware change is required to deny access to the directory in these cameras, where this information is being exploited vs. allowing it, to be accessed, as it is now.
 
Here is some more details on the internals of these cameras and how their directories and files are stored in the cameras memory:
 
http://www.openipcam.com/forum/ind [...] 473.0.html
 
In the recent past. I have reported a similar vulnerability for the Foscam FI9820W Model cameras and many other brands and models as well:
 
http://www.kb.cert.org/vuls/id/265532
 
Firmware was changed ("By Foscam Only" ) for the exploit above, rather quickly, after I reported the vulnerability above and the camera model was still very new. However. Soon afterwards. That camera model was discontinued by Foscam and is no longer being sold. Other Brands and models are still being sold and still may have this problem as well.
 
In this situation here, with these cameras, with these two exploits. The impact covers many brands, models, clones and knockoffs that have been sold over many years by many different sellers. No seller. Including Foscam. Actually created/creates ANY of the firmware releases for these cameras.  
 
All sellers of these cameras used/use a 3rd party to actually create and maintain the firmware. What this means is anytime a seller of these cameras needs firmware changes. Minus say, minor Web UI ("Web User Interface" ) changes, which sellers and even you can do by yourself. These sellers pay that 3rd party for those changes. Which maybe why so few IP Camera sellers care to modify firmware for these exploits. Because of the additional costs to do so.
 
Quote By Foscam: "The reason Foscam decided to hire their own R&D team was because of the delays of firmware updates from third party software developers (this software can be seen in all the MJPEG models and older H.264 models such as the FI8910W and FI9820W). After the issues of the FI9820W camera being unstable and the software developers unwilling to help us change firmware for our customers who were having problems".
 
From: http://foscam.us/forum/fi9821w-iss [...] rty#p24436
 
It's because of this that I think it is not receiving as much attention as other vulnerabilities reported in the past have.
 
Depending on the Foscam hardware version and model of the camera. Foscam has issued firmware upgrades, that do deal and fix Exploit One, which requires no camera User Id or camera password of the two methods used in these exploits. The second exploit, would require someone to have an Operator level User Id and password, in order to still gain access to the same data that the first exploit uses, which requires no User Id and password, to do.
 
As far as I know. Foscam is the only seller of these cameras that has actually made some firmware releases to cover the first exploit and no sellers, including Foscam, have released a firmware update to deal with the second exploit which requires an Operator User Id and password for the camera, to exploit.
 
Note: The Second exploit was found and published after Foscam had released a new version of firmware for some camera models, thinking that there was only one exploit. Specifically regarding Foscam MJPEG based camera models. ALL Foscam MJPEG camera models have at least two different hardware versions for the same camera model.  It would appear that Foscam did release new firmware for the most recent hardware versions of a MJPEG based camera model that they still sell for Exploit one only. Other older hardware versions of the same camera model, may not have had a firmware version released. You can check here to see if there is a newer version of firmware for your Foscam MJPEG based camera here:
 
http://www.foscam.com/down3.aspx
 
Note: The firmware version. If it exists for the hardware version of your camera model. Will end in .49 for the system firmware version. If the system firmware versions ends in anything less than .49 then your hardware version of your camera model. Has not had any new firmware created to protect you from anyone, without using a camera User Id or Password to gather your cameras configuration data. Which may or may not include the ability to dump from your cameras configuration information: DDNS and DDNS password, Email and Email Password, FTP and FTP password, Admin and Password and other information. Better known as protection from Exploit one.
 
Even if you do see and install a newer system firmware version for your cameras hardware version and model that does end with .49. Your camera is NOT protected from Exploit two.
 
You cannot use any system firmware version that is NOT for your camera hardware version and model or that does not match the first two sets of digits in your system firmware version. Example: You cannot upgrade to system firmware version 11.37.x.x if the current version of system firmware in your camera is 11.22.x.x and vise versa. If you do. You will lose wireless ability of your camera. If you install the wrong firmware for another camera model into your camera model. You can brick your camera. Making it impossible to use, without opening up the camera and creating a serial interface to the camera to try to recover. Even then. That might not fix your camera. So please be careful.
 
As stated earlier here. I am personally NOT aware of any other seller that has even released a new firmware version to protect from Exploit one. Besides Foscam, for some camera hardware versions and models. No seller, including Foscam, has released a new firmware version to fix Exploit two, as of this date. That I personally am aware of. Including Foscam. I monitor these issues closely.
 
So. If you do have access to a firmware upgrade that protects your camera from anyone without using any User Id or password for the camera, to retrieve the camera configuration information ("Exploit One" ). If you do not allow others whom you do not have total and complete trust to have access to an Operator User Id and password. Then you can protect yourself from the second exploit ("Exploit Two" ), in a round-about way. While it's not a fix. Limiting whom has access to a cameras Operator User Id and password will give you protection.
 
The most important thing to remember about ALL of this, IMHO. Is that these two exploits allow others to gain access to ANY Email addresses and Email passwords you use as well as ANY FTP and FTP passwords you use in the cameras configuration. So, this is not simply resetting the camera if needed. Once someone has access to your Email addresses and Email passwords and FTP User and FTP password. Much, much, more damage can be done to YOU personally then simply recovering your cameras by resetting those cameras and going about your day.
 
My suggestions are:
 
1. If your camera has no firmware release for Exploit one and you allow remote access, which allows your camera configuration to be dumped by ANYONE worldwide.  If you are not using a VPN or some sort of secure HTTPS interface ("Like the example below" ) you should NOT use any primary Email address in the cameras configuration. You should create a NEW Email address specifically that you use just for your cameras Email alarm notifications and nothing else that contains personal information. Knowing, that at anytime, someone can access that Email account and that you could lost it.
 
If you have FTP alarm notifications setup. I would create a FTP User Id that is confined to a specific directory that has NO tree to other directories and file information. If possible, I would make sure that the FTP User cannot change their password as well. Knowing, that at sometime, someone can delete any and all files using that FTP User Id. If that FTP User Id is allowed to be able to change their password. Know, that at sometime, someone can change that password at anytime.
 
If the above is too risky for you? I would NOT use any Email or FTP alarm notifications. Knowing that ALL your camera User Ids and Passwords for ALL camera User Ids and your DDNS and password could still be changed, at anytime.
 
If the above is too risky for you. I would disable remote access or create a VPN or use other methods such as creating a secure HTTPS interface, using a server for your cameras.  
 
Example: http://bitsofinfo.wordpress.com/20 [...] -proxying/
 
2. If you do have firmware that fixes Exploit one. I would not allow ANYONE that you do not have complete trust with to have any camera User Id, higher than a Visitor level User Id. Because anyone you give a Operator User Id and password to. Will be able to do EVERYTHING that can be done in #1 above, at anytime. From anywhere. Even if you trust the person(s) who you may still want to have an Operator User level Id for your cameras. You need to think about their device security. Their computers, Tablets and Phones. If they lose any of their devices or if any of their devices are stolen. If those devices can be accessed and that information about the Operator User Id and Password for your camera can/could be accessed. You run a risk that is beyond personal trust.
 
Whatever you choose to do. I would do testing, to make sure that you verify, what you think you currently are protected from. For both Exploit one and Exploit two.
 
Legend
xxx.xxx.xxx.xxx = Local IP Address from within your network or ISP IP Address or DDNS
#### = Port For Camera
OperatorId = Operator User Id for Camera ("Case Sensitive" )
Password = Password for Operator User Id ("Case Sensitive" )
 
Replace the legend values below with the proper values for your camera. Enter each line below. One at a time, with those changes into the browser window of your choice. If you see ANY data returned in your browser window returned for any of the two exploits shown below ("String of different characters that make no sense" ). Then your camera is exposed to that exploit. If you do NOT have an Operator level User Id defined for your camera. You will need to create one for testing Exploit two. You can delete it after testing, if needed.
 
Test to determine if your camera is exposed to Exploit One ("Note: The // is not a typo" ):

Test to determine if your camera is exposed to Exploit Two ("Requires Using a Operator level User Id and Password for the Camera" )

How would someone go about gathering the information in my camera if someone were to use one of these exploits?
 
While you may not visually be able to see clearly what the above data returned includes. Due to the vast amount of information being returned. When one of these exploits takes place successfully. The Admin User Id and Password, for the camera in question, is returned in the data. Then virtually the entire configuration for ALL data in the camera can be accessed and dumped by replacing AdminId and Password ("Both case sensitive" ) in the line below, in the browser window of your choice. Using that returned information as well as the legend information for the IP and port of the camera, using this.
 
You can also try the below in the browser window of your choice by simply using the Admin User Id and password for your camera to see what would be accessed by someone using these exploits:
 

Note: The camera has no log showing that any camera access, by anyone took place. Using ANY of the three lines above. So, you cannot ever tell, if it ever has or has not taken place. Once someone has access to the data in your camera configuration. Nothing bad may happen right away. They might gather other data from other cameras and then sell all the data. This could take time. So thinking nothing bad happened today, by no means is any assurance that can be said in the near future. Email addresses, FTP User Ids and their password, have value. Sometimes they are packaged in bulk and sold to the highest bidder.
 
I hope this shows that this is not some form of paranoia, but instead, is truly and truthfully a sad reality, at this time. Hopefully this information shows both the risks and protection options and methods to test that protection, to protect you the camera owner, from issues you may not have known you maybe currently exposing yourself to. If your camera, is one of these cameras.
 
Don

@ Don
 
Thank you very much for those very comprehensive explanations and advices. It's crystal clear for me (=> VPN).
 
Pour les non anglophones, je les incite très fortement à faire un gros effort (ou à faire appel à Google traduction) pour lire malgré tout et bien comprendre les explications de Don. Ca vous permettra au moins de prendre les mesures minimales de précaution qui s'imposent ou de continuer à vos risques et périls...

 
@ Paillassou : J'ai eu pour ma part une fin de non recevoir de FOSCAM quant aux mises à jour de firmware pour des modèles comme la FI8918. Peut être aurais tu plus de chances compte tenu de tes relations passées avec eux ? Il se pourrait aussi qu'une manifestation plus "globale" par de nombreux membres du forum puisse aussi les faire réflèchir ?
 
Edit : L'exploit n°1 est encore pire que ça : le dump garde apparemment en mémoire tous les anciens mots de passe et users utilisés. Donc même si vous mettez un mot de passe et un email spécifique pour la camera comme le suggère Don, vous n'êtes pas tranquille pour autant si vos anciens mots de passe sont encore en fonction quelque part dans votre réseau ou système...
 
Cordialement

 
 
Je regarde pour monter une caméra en extérieur genre ça : http://www.casabill.com/cameras-ip [...] -wifi.html
Mais je me demande comment est faite l'alimentation électrique, si c'est par la prise jack ça me semble tout sauf étanche non ?

 
Il ya une petite longueur de cable qui sort de la caméra. Il suffit de faire le raccordement dans un boitier étanche (genre boite de dérivation Plexo).

Personne pour mon problème    
 

Bonjour, j'ai jeté un œil aux commentaires du compte Casabill sur ebay.fr et ils mettent peu en confiance. Plus le fait qu'il se font passer pour le fabricant avec l'url foscam.fr je trouve ça moyen même s'ils ont surement l'autorisation. Vous me confirmez qu'il vaut mieux directement commander en Angleterre sur le site officiel ? A la rigueur sur amazon qui doit surement faire pression ou rembourser en cas de soucis.  

Je voudrais en installer deux avec seulement une connexion Internet sans stockage de donnée disponible sur le lieu d'installation (maison secondaire) donc avec un compte FTP pour l'historique. Ca fonctionne sans soucis de cette façon ?

Merci !  

Je retourne lire les pages récentes du topic en attendant.  

Bonjour à tous,
Bonjour paillassou,
Je reviens vers vous avec toujours le même problème: http://forum.hardware.fr/forum2.ph [...] 62#t675662
Ma FosCam FI8908W v1.1 ne démarre plus, seule le voyant réseau orange reste allumé.
Une IP lui est attribuée, mais impossible de joindre sa page.
Un reset n'a rien fait.
Le logiciel IpCameraTools ne trouve aucune cam.

J'ai acheté une petite carte imprimée: USB to RS232 TTL 232 Converter Module PL2303 Chip PC
J'ai branché comme ceci http://3.bp.blogspot.com/_m16_YxsB [...] covery.jpg

Problème, quand je lance putty, rien ne se passe...

Pourriez-vous m'aider ?

Merci
Mat

Bonsoir !
 
J'ai un petit souci avec IP CAM VIEWER depuis quelques temps, et je ne trouve pas de solution.
J'ai une Foscam FI8910W. Avant j'étais chez Free, ça marchait nickel.
Maintenant je suis chez SFR, j'ai une neufbox ADSL depuis janvier, et là ça coince.
 
J'ai paramétré ce qu'il faut sur la box, je saisi l'IP, le modèle, etc... dans IP CAM VIEWER. Quand je fais un test dans les paramètres, ça me dit bien "Acquisition d'image de la caméra réussie !" et j'ai une capture.
 
Par contre, quand j'enregistre le tout et que je vais voir ma cam, ça me dit "camera/feed not available".
 
Vu que ça marche lors du "test", je ne vois pas ce qui peut déconner du coup.    
J'ai la dernière version pro de l'application.

 
Qu'est-ce que ça donne en consultation basique à partir d'un navigateur en composant l'IP et le port de la cam ?

Merci à theuberoverlord pour ses mises en garde !
 
Après avoir vérifié que ...//proc/kcore "rentrait" bien dans ma Foscam FI8910W, j'ai effectué la mise à jour en version 11.37.2.49.
 
Ma caméra n'était peut-être pas listée sur shodanhq car mon IP seule ne répond pas, par contre mon IP avec le bon port... oui, bien sûr.
 
Maintenant en version 11.37.2.49 ...//proc/kcore ne "rentre" plus (premier 'exploit').
 
Et heureusement tout le paramétrage de la caméra a été conservé lors de la mise à jour :-)
 
Côté identifiants et mots de passe Foscam je n'ai gardé qu'un compte administrateur avec accès ADSL, car j'administre à distance, avec bien sûr ID et MDP différents des précédents. Et aucun autre compte, donc pas de compte Operateur pour le second 'exploit'.
 
Pour le mail je suis passé d'un compte Google avec MDP [gasp... j'ai changé son MDP] à un compte Free sans MDP avec une Freebox (voir page 1 Paillassou) : plus trop de risque de ce côté là, même en cas de troisième 'exploit'...
 
Pour le FTP j'utilise un compte dédié [rien d'autre dans l'arborescence...] avec nouveau MDP : risque sur le contenu en RWED, mais pas sur le MDP attaché à un compte Free (MDP non modifiable directement), en cas de troisième 'exploit'...
 
Il reste aussi le détail du wifi, en cas de troisième 'exploit' : bof, quel intérêt ?
 
Et je coupe son alim quand il y a quelqu'un potentièlement en face, pour éviter les fausses alarmes... et les voyeurs en cas de troisième 'exploit'.
 
Je ne vois pas trop quoi faire de plus à part utiliser un port pas trop connu : lequel ???
 
Voilà si vous avez des commentaires ou propositions, n'hésitez pas ;-)

 
 
drapal dans l'attente d'une promo sympa sur la 8910W    
 
bien envie de m'y remettre (j'avais la 8908W) en combinaison avec mon Synology  

Bonsoir  
Petit problème suite à une maj du firmware pour la faille de sécurité sur une foscam FI8918W , j'ai bien pris les bons fichiers sauf que le wifi ne fonctionne plus sur la caméra (la cam ne voit plus de reseau ), reset total fait . Aucun changement
Je pense avoir fait une erreur en passant par l'interface web et non pas par le logiciel ipcamera tools, mais bien en rj45 (par contre l'antivirus actif )
 
Version avant Maj
Firmware: 11.22.2.23
WebUI : 2.4.18.15
 
Premiere MAJ
Firmware : 11.22.2.47
Web UI : 2.4.10.2
 
Second MAJ
Firmware : 11.37.2.49
Web UI : 2.4.10.4
 
Ce n'est pas la premiére fois que je fais un update , les cams fonctionnent parfaitement depuis Trois ans  
Est ce recuperable? peut on reflacher le WebUI ?
Si non en RJ45 tout est OK et elle fonctionne parfaitement.
J'ai fait la Co....rie de le faire sur deux Cams (Pareil sur les deux ) donc basta , car j'en ai 6  
J'ai parcouru le forum plusieurs personnes ont eu le meme probléme , mais pas trouvé de solution

 
 
Les firmware 11.37 et 11.22 ne sont pas compatibles...
Ce sont deux branches differentes.
Tes cameras etaient en 11.22.xx tu n'aurais jamais du passer un firmware 11.37.xxx...
 
Essaye de reflassher le 11.22.2.47 et 2.4.10.2 si jamais ca passe  

Plus boullet que moi tu meurs      
je viens de me relire et effectivement je me suis emmellé les pinceaux avec les fichiers , car j'ai les deux styles de camera et hop l'erreur fatale
je vais essayer de reflasher avec le bon firmware , en esperant que cela fonctionne  
par contre je pense reflasher d'abord le firmware et en suite le Web UI  
 
Le 11.22.2.49 n'est pas encore dispo pour la correction des derniéres failles de sécurité ?

 
It needs to be stated that even the x.x.x.49 firmware release does NOT protect an Operator User Level Id from accessing your IP Cameras configuration information. While it should protect you from ("Exploit One" ) I suggest that others should test and confirm, as you have, that at least your IP Cameras are protected from ("Exploit One" ).
 
As of this date. There has been no version of firmware released, to protect you from the second exploit of the two ("Exploit Two" ).
 
You can verify this, by trying the second exploit, with your IP Cameras, here:
 
http://forum.hardware.fr/hfr/Hardw [...] tm#t733983
 
Depending on how old your IP Camera is. Even Foscam, may not have a firmware version to protect you from ("Exploit One" ). As stated in the link above. I don't know of any Brand for these IP Cameras, that has released a firmware version to even protect ("Some IP Cameras, depending on their age" ) besides Foscam. From ("Exploit One" ).
 
What makes these "Vulnerabilities" and two exploits, to your IP Cameras. To be classified as the most severe possible. Is the fact that any DDNS, Email, FTP User Id's and passwords which are stored in your IP Cameras configuration data, including the ability to gain access to ALL IP Camera User Id's as well as modify your IP Cameras UI ("User Interface" ). To create and hide, IP Camera User Id's, from you the camera owner. Using the tool created to do this.
 
It's not often, that a "Tool" is created ("With many menu options" ) to help those that may have limited programming experience, to be allowed. Simply by downloading a tool, be able to exploit this kind of information. From YOUR IP Cameras.
 
Don

 
C'est quoi ce WebUI ? Pas plutôt 2.4.8.15 ?
 
Pour le reste c'est pourtant écrit partout qu'il ne faut pas mélanger le 11.22.xx et le 11.37.xx ;-)
 
Comme de faire d'abord le Firmware (le bon et en une seule fois...) puis le WebUI, etc.
 
Selon le post de theuberoverlord cela touche effectivement le wifi (pour un même modéle) : 2 hardwares wifi différents à priori.
 
"Example: You cannot upgrade to system firmware version 11.37.x.x if the current version of system firmware in your camera is 11.22.x.x and vise versa. If you do. You will lose wireless ability of your camera."
 
Probablement réversible ???

Tout est rentré dans l'ordre , le donwgrade a fonctionné à merveille , donc c'est possible , mais c'est un coup de chance  
 
Hi Don ,  
 
thank's for your reply, unfortunately my cameras are not protected for exploit one with firmware 11.22.2.47  
Why ? old cam?
 
éffectivement en tapant la commande http://xxx.xxx.xxx.xxx:####//proc/kcore  tous les paramétres apparaissent en clair .Bref on retrouve tout le paramétrage de la caméra  
c'est vraiment inquiétant, je dirai même plus c'est vraiment flippant  
Maintenant si on fait un raz complet et mettant de nouveau paramètres est ce que les anciens subsistent?

Bonjour
 
Tu dis bien que , à part le wifi, toutes les autres fonctions marchent ? Parce que moi (voir plus haut) mes cams sont trop vieilles (avec firmware 11.22.xx) pour avoir la correction de l'exploit 1 mais je ne les utilise pas en wifi donc si je les flashes comme tu l'as fait, avec un 11.37.xx je perds le wifi mais je gagne la protection "exploit1"  OK ?  Pour moi, j'achète !
 
PS : je ferais bientôt l'expérience d'un reset complet mais je pense que cela vire tout (j'espère!)

Attention , effectivement tout fonctionnait, j'avais bien la visio , le déplacement fonctionnait également maintenant je n'ai pas été plus loin , car pour ma part le wifi est obligatoire,
Ce qui est sur pour moi c'est que le retour arrière a bien fonctionné
Maintenant je pense avoir testé l'exploit one et je pense que c'était ok, ce qui me préoccupait c'était le non fonctionnement du wifi

 
Chacun ses problèmes ...!    
J'ai demandé directement à Foscam support. Je vous tiendrai au courant. J'ai lu sur leur forum, la mise en garde contre les erreurs de firmware concerne bien le wifi :
"The two firmware versions cannot upgrade to each other. Otherwise, the wireless function will be invalid."
 
@Don : Do you know if wireless ability is really the only loss when upgrading an old firmware branch with the latest one ?

Hello,
 
Ma foscam  FI8908W en 11.14.2.28 est aussi touchée par l'exploit one, n'utilisant pas le Wifi, le passage sur un firmware 11.37.XX pourrais le résoudre ? sinon je pense qu'elle va passer à la casserole ... pas trop envie d'être espionné par des hackers ...
@+

 
I am trying to answer many replies, about this. In this post.
 
IF you install the wrong firmware version for your camera. You can almost be certain. That you will lose at least WiFi.
 
There can be no promises about your IP camera still functioning as normal, for other IP camera functions and features.
 
Generally. I stress "generally". You can recover from installing the wrong version of firmware. For the SAME camera model and brand. Please remember. There are many knockoffs and clones of these cameras. So, it is NOT a good idea to experiment with firmware you are unsure of.
 
I truly wish I could say otherwise. But. This is the truth. For example, different hardware versions for the same model camera, may not simply be different WiFi, but could also include different components, such as a different image sensor. Causing the images and video to be impacted.
 
So, even if you have no use for WiFi and can live without it. It's not a good idea to think that using other firmware versions, for the same camera model, will be a good choice or solution. It would be much better to see if you can place pressure on the seller. To provide the proper firmware and fixes for your camera model and the hardware version of that camera model.
 
There are methods to recover IP cameras, if you install the wrong firmware. They do NOT always work. You also may need to be able to determine what is normal for your IP camera, in order to attempt recovery.
 
Here is an example of a worse case recovery method: http://www.openipcam.com/forum/ind [...] 473.0.html
 
If you are not willing to do the things above. Worse case. I would not install the wrong firmware for your IP camera. Even IF you are willing. I would make sure, that you have saved a copy of the proper version of firmware for your IP camera. That you have in fact, taken notes, using a working serial interface for your camera. Notating, where things are located in your IP cameras memory. As the above shows how to do. So that you have better odds of recovering your IP camera vs. ending up with a very expensive paperweight.
 
As things move forward. Those that do this properly. Maybe can save others time. By documenting, what works and what does not. Making the risks of doing these things, easier then what they are now. Since there is little public documentation provided by others, currently. On what IP Camera hardware versions can run. Without WiFi. That can use other firmware, not intended for those same IP cameras. To at least, be protected from ("Exploit One" ).
 
If we help each other. We should at some point be able to say what is safe and what is not safe to do. But it will take some bold people at first. To do this.
 
What truly saddens me about this situation. Is that AFAIK. Foscam IS the only seller that has made ANY attempt to protect their IP cameras, from ("Exploit One" ) if those IP cameras hardware versions are still under warranty. This currently, does not include hardware versions for the same IP camera model that maybe older. Think of the 10's of Thousands of knockoffs and clones of these IP cameras, that sellers have NOT released any firmware upgrades to protect them from ("Exploit One" ). I do still hope that Foscam, soon will release another firmware upgrade. That also protects from ("Exploit Two" ). However. I am not sure this will ever happen.
 
Under the current circumstances. I can only suggest that ALL MJPEG based IP camera owners. Test their IP cameras. So that at least they can determine if they own one of these IP Cameras that is exposed to both these vulnerabilities here:
 
http://forum.hardware.fr/hfr/Hardw [...] tm#t733983
 
Don

Concernant les mises à jour :
 
1/ System firmware version: 11.37.2.49
lr_cmos_11_37_2_49.bin mardi 25 décembre 2012, 17:14:16
2.4.10.4.bin dimanche 17 février 2013, 15:47:30
How to... mardi 19 février 2013, 17:57:00
Read me.txt mercredi 17 avril 2013, 13:42:36
New features:
Add a new feature to enable and disable Manufacturer's DDNS.
 
2/ System firmware version: 11.22.2.47
lr_cmos_11_22_2_47.bin lundi 19 novembre 2012, 15:51:28
2.4.10.2.bin lundi 12 novembre 2012, 17:46:02
How to... mercredi 5 décembre 2012, 16:42:24
Read Me .txt mercredi 5 décembre 2012, 16:40:16
New features:
1) Big Change on UI;
2) Add Foscam DDNS (For cameras that support it in default factory settings);
3) Support sound alarm;
4) Support enable or disable record when alarm;
5) Make the wireless key invisible and improve the security;
6) Support full screen view in multi-device mode;
7) Support changing the name of manual record file,changed the record path settings;
8) Multi-Camera share the same record, snapshot, play, stop, audio or talk buttons;
9) Support mobile phone access via browser directly; (The browser on phone need support JavaScript);
10) Support Point to Point wireless connection;
11) Enable UPNP in default factory settings;
12) Support Portuguese languages on UI.
Fixed bugs:
1) Fixed the bug that wireless signal need scan two times;
2) Changed some translation and pop-up information;
3) Fixed the issue that wireless SSID and MAC address don't match some time;
4) Fixed the invalid test problem of FTP settings;
5) Fixed invalid alarm schedule settings problem.
 
3/ System firmware version: 11.37.2.48
lr_cmos_11_37_2_48.bin lundi 10 décembre 2012, 09:32:44
2.4.10.2.001.bin samedi 15 décembre 2012, 13:55:32
How to... lundi 17 décembre 2012, 15:57:12
Read me.txt lundi 17 décembre 2012, 14:40:52
New features:
1) Big Change on UI;
2) Add Foscam DDNS (For cameras that support it in default factory settings);
3) Support sound alarm;
4) Support enable or disable record when alarm;
5) Make the wireless key invisible and improve the security;
6) Support full screen view in multi-device mode;
7) Support changing the name of manual record file,changed the record path settings;
8) Multi-Camera share the same record, snapshot, play, stop, audio or talk buttons;
9) Support mobile phone access via browser directly; (The browser on phone need support JavaScript);
10) Support Point to Point wireless connection;
11) Enable UPNP in default factory settings;
12) Support Portuguese languages on UI.
Fixed bugs:
1) Fixed the bug that wireless signal need scan two times;
2) Changed some translation and pop-up information;
3) Fixed the issue that wireless SSID and MAC address don't match some time;
4) Fixed the invalid test problem of FTP settings;
5) Fixed invalid alarm schedule settings problem.
 
Donc ordre chronologique :
11.22.2.47 le 19-11-2012 / 12-11-2012 = 12-New + 5-Fixed
11.37.2.48 le 10-12-2012 / 15-12-2012 = idem 11.22.2.47
11.37.2.49 le 25-12-2012 / 17-02-2013 = DDNS [+ exploit 1]
 
Logiquement Foscam devrait donc sortir une 11.22.2.50 avec DDNS + exploit 1 ???
 
 
Edit 16-05 : questions @Don
 
Do you know why firmwares and UIs are sometimes different between Foscam.com (China) and Foscam.us (USA) ?
 
Are Foscam.us downloads just the same as Foscam.com downloads (I mean programming code) ?
 
Are they delayed because of tests by Foscam.us, or just waiting for tests by non-US clients ?
 
Is it possible to build an history of versions / dates : where to find all previous zip files ?
 
Thanks

Sorry Don, la réponse du support FOSCAM est sans ambiguité ...
 

Peut être les versions plus récentes auront plus de chances