CVE-2026-38740: n/a
Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol (SDP), including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can intercept these credentials to hijack media streams or authenticate to Foscam's TURN/relay infrastructure to forward arbitrary traffic at the vendor's expense.
AI Analysis
Technical Summary
CVE-2026-38740 describes a vulnerability in Foscam VD1 Video Doorbell devices prior to version V5.3.13_1072 where sensitive SDP information, including ICE credentials and candidates, is transmitted in cleartext. This cleartext transmission exposes these credentials to interception by attackers with network access, potentially enabling media stream hijacking or misuse of the vendor's relay infrastructure. The vulnerability is due to lack of encryption on sensitive signaling data over network interfaces. No CVSS score or vendor advisory with patch information is available.
Potential Impact
An attacker with network visibility can intercept sensitive SDP credentials, which may allow hijacking of video/audio media streams or unauthorized authentication to Foscam's TURN/relay infrastructure. This could result in unauthorized media access or abuse of vendor resources to relay arbitrary traffic. There is no current evidence of active exploitation.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, limit network exposure of the device and monitor for unusual network activity related to media streams or relay usage. Avoid using affected versions in untrusted network environments.
CVE-2026-38740: n/a
Description
Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol (SDP), including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can intercept these credentials to hijack media streams or authenticate to Foscam's TURN/relay infrastructure to forward arbitrary traffic at the vendor's expense.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-38740 describes a vulnerability in Foscam VD1 Video Doorbell devices prior to version V5.3.13_1072 where sensitive SDP information, including ICE credentials and candidates, is transmitted in cleartext. This cleartext transmission exposes these credentials to interception by attackers with network access, potentially enabling media stream hijacking or misuse of the vendor's relay infrastructure. The vulnerability is due to lack of encryption on sensitive signaling data over network interfaces. No CVSS score or vendor advisory with patch information is available.
Potential Impact
An attacker with network visibility can intercept sensitive SDP credentials, which may allow hijacking of video/audio media streams or unauthorized authentication to Foscam's TURN/relay infrastructure. This could result in unauthorized media access or abuse of vendor resources to relay arbitrary traffic. There is no current evidence of active exploitation.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, limit network exposure of the device and monitor for unusual network activity related to media streams or relay usage. Avoid using affected versions in untrusted network environments.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-04-06T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a06e21bec166c07b0e8f073
Added to database: 5/15/2026, 9:06:35 AM
Last enriched: 5/15/2026, 9:08:34 AM
Last updated: 5/16/2026, 6:28:13 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.