CRITICAL🇬🇧 English

CVE-2018-4018

CVSS 9.8v3.1pub. 2019-05-13upd. 2024-11-21

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or upgrade firmware request to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Anker In Roav Dashcam A1

    HW
    Anker-In
    wszystkie wersje
  • Anker In Roav Dashcam A1 Firmware

    OS
    Anker-In
    1.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-4014CRITICAL9.8ten sam produkt

An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running versio...

CVE-2018-4023CRITICAL9.8ten sam produkt

An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset ...

CVE-2018-4029CRITICAL9.8ten sam produkt

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset...

CVE-2018-4028HIGH7.5ten sam produkt

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav ...

CVE-2018-4024HIGH7.5ten sam produkt

An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Ch...