PT-2019-10759 · Newtec+1 · Nt9665X Chipset+1
Publicado
2019-05-13
·
Atualizado
2022-06-07
·
CVE-2018-4026
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Anker Roav A1 Dashcam version RoavA1SWV1.9
Description
A denial-of-service issue exists in the XML GetScreen Wi-Fi command of the NT9665X Chipset firmware. It can be exploited by sending a specially crafted set of packets, causing an invalid memory dereference that results in a device reboot.
Recommendations
For version RoavA1SWV1.9, consider disabling the XML GetScreen Wi-Fi command as a temporary workaround until a patch is available. Restrict access to this command to minimize the risk of exploitation.
Exploit
Correção
Improper Check for Exceptional Conditions
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Anker Roav A1 Dashcam
Nt9665X Chipset