Samuel Herodotou

**Name of the Vulnerable Software and Affected Versions** Anyka Microelectronics AK3918EV300 MCU version 18 **Description** An issue was discovered in the network configuration script within the MCU's operating system, allowing attackers to perform arbitrary command execution via a crafted wifi SSID or password. This is due to a command injection vulnerability. **Recommendations** For Anyka Microelectronics AK3918EV300 MCU version 18, consider disabling the network configuration script until a patch is available to prevent arbitrary command execution. Restrict access to the wifi SSID and password configuration to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.