Bitdefender Labs

Name of the Vulnerable Software and Affected Versions: Bitdefender Box 1 version 1.3.11.490 Description: A command injection vulnerability exists in the "/check image and trigger recovery" API endpoint, allowing an unauthenticated, network-adjacent attacker to execute arbitrary commands on the device, potentially leading to full remote code execution (RCE). Recommendations: For Bitdefender Box 1 version 1.3.11.490, as a temporary workaround, consider disabling access to the "/check image and trigger recovery" API endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Bitdefender Box 1 versions 1.3.52.928 and below Description: An improper access control issue exists that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires the device to be booted in Recovery Mode and the attacker to be within the WiFi range of the unit. Recommendations: For Bitdefender Box 1 versions 1.3.52.928 and below, update the firmware to a version above 1.3.52.928 to prevent potential downgrades to vulnerable firmware versions. As a temporary workaround, consider restricting access to the Recovery Mode to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EZVIZ CS-CV248 versions prior to 5.2.3 build 220725 EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428 EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802 EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712 EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723 **Description** A Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component allows a remote attacker to execute remote code on the device. This issue affects various EZVIZ camera models. **Recommendations** For EZVIZ CS-CV248 versions prior to 5.2.3 build 220725, update to version 5.2.3 build 220725 or later. For EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428, update to version 5.3.0 build 220428 or later. For EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802, update to version 5.3.0 build 220802 or later. For EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712, update to version 5.3.0 build 220712 or later. For EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723, update to version 5.3.5 build 220723 or later.

**Name of the Vulnerable Software and Affected Versions** EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428 **Description** The issue is related to an Improper Initialization vulnerability in the local server component, allowing a local attacker to read the contents of the memory space containing the encrypted admin password. **Recommendations** For EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428, update to version 5.3.0 build 220428 or later to resolve the issue. As a temporary workaround, consider restricting access to the local server component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Eufy Indoor 2K Indoor Camera versions 2.0.9.3 and prior versions **Description** A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. **Recommendations** For Eufy Indoor 2K Indoor Camera versions 2.0.9.3 and prior versions, update to a version that fixes this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wyze Cam Pan v2 versions prior to 4.49.1.47 Wyze Cam v2 versions prior to 4.9.8.1002 Wyze Cam v3 versions prior to 4.36.8.32 **Description** A Stack-based Buffer Overflow issue allows an attacker to run arbitrary code on the affected device. This issue affects various Wyze Cam models, enabling attackers to execute arbitrary code. **Recommendations** For Wyze Cam Pan v2 versions prior to 4.49.1.47, update to version 4.49.1.47 or later. For Wyze Cam v2 versions prior to 4.9.8.1002, update to version 4.9.8.1002 or later. For Wyze Cam v3 versions prior to 4.36.8.32, update to version 4.36.8.32 or later.

**Name of the Vulnerable Software and Affected Versions** Wyze Cam Pan v2 versions prior to 4.49.1.47 Wyze Cam v2 versions prior to 4.9.8.1002 Wyze Cam v3 versions prior to 4.36.8.32 **Description** A vulnerability in the authentication logic of Wyze Cam devices allows an attacker to bypass login and control the devices. **Recommendations** For Wyze Cam Pan v2 versions prior to 4.49.1.47, update to version 4.49.1.47 or later. For Wyze Cam v2 versions prior to 4.9.8.1002, update to version 4.9.8.1002 or later. For Wyze Cam v3 versions prior to 4.36.8.32, update to version 4.36.8.32 or later.

Name of the Vulnerable Software and Affected Versions: Abode iota All-In-One Security Kit versions prior to 1.0.2.23 6.9V dev t2 homekit RF 2.0.19 s2 kvsABODE oz. Description: The issue is an OS Command Injection vulnerability in the wirelessConnect handler of the Abode iota All-In-One Security Kit. This vulnerability allows an attacker to inject commands and gain root access. Recommendations: For Abode iota All-In-One Security Kit versions prior to 1.0.2.23 6.9V dev t2 homekit RF 2.0.19 s2 kvsABODE oz., update to version 1.0.2.23 6.9V dev t2 homekit RF 2.0.19 s2 kvsABODE oz. or later to resolve the issue. As a temporary workaround, consider restricting access to the wirelessConnect handler until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Victure PC420 firmware versions prior to 1.2.2 **Description** A Stack-based Buffer Overflow issue in the ONVIF server component of the Victure PC420 smart camera allows an attacker to execute remote code on the target device. **Recommendations** For Victure PC420 firmware versions prior to 1.2.2, update to a version newer than 1.2.2 to resolve the issue. As a temporary workaround, consider disabling the ONVIF server component until a patch is available.

Name of the Vulnerable Software and Affected Versions: ADT LifeShield DIY HD Video Doorbell versions 1.0.02R09 and prior versions Description: The issue is related to an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in the HTTP interface of the device. This allows an attacker on the same network to execute commands on the device. Recommendations: For ADT LifeShield DIY HD Video Doorbell versions 1.0.02R09 and prior versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** August Connect Wi-Fi Bridge App versions v10.11.0 and prior August Connect Firmware versions 2.2.12 and prior **Description** The issue is related to the use of a hard-coded cryptographic key in the August Connect Wi-Fi Bridge App and Connect Firmware, allowing an attacker to decrypt an intercepted payload containing Wi-Fi network authentication credentials. **Recommendations** For August Connect Wi-Fi Bridge App versions v10.11.0 and prior, update to a version newer than v10.11.0 to resolve the issue. For August Connect Firmware versions 2.2.12 and prior, update to a version newer than 2.2.12 to resolve the issue. As a temporary workaround, consider restricting access to the Wi-Fi network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Netatmo Smart Indoor Camera versions prior to x.xx **Description** The issue is related to an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. This allows an attacker to execute commands on the device. **Recommendations** For Netatmo Smart Indoor Camera versions prior to x.xx, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Belkin WeMo Insight Switch firmware versions prior to 2.00.11396 **Description** A Stack-based Buffer Overflow issue in the libbelkin api.so component of the firmware allows a local attacker to obtain code execution on the device. **Recommendations** For versions prior to 2.00.11396, update to a version newer than 2.00.11396 to resolve the issue.