Joshua Wang

**Name of the Vulnerable Software and Affected Versions** mIPC camera firmware version 5.3.1.2003161406 **Description** The issue is related to an unlimited strcpy on user input when setting a locale file, which leads to a stack buffer overflow. This occurs in the mIPC camera firmware. **Recommendations** For mIPC camera firmware version 5.3.1.2003161406, consider restricting user input when setting locale files to prevent potential stack buffer overflows until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mIPC camera firmware version 5.3.1.2003161406 **Description** Unsanitized input when setting a locale file leads to shell injection in the firmware. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app. **Recommendations** For mIPC camera firmware version 5.3.1.2003161406, consider disabling the locale file setting feature until a patch is available to prevent shell injection and potential remote code execution.