CVE-2018-13114

Name of the Vulnerable Software and Affected Versions KERUI Wifi Endoscope Camera (YPC99) (affected versions not specified)

Description The issue concerns missing authentication and improper input validation, allowing an attacker to execute arbitrary commands with a length limit of 19 characters via the ssid value in the body of a SETSSID command. For example, an attacker could use ssid:;ping 192.168.1.2 to execute a command.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.