CVE-2017-17761

Name of the Vulnerable Software and Affected Versions Ichano AtHome IP Camera devices (affected versions not specified)

Description The issue concerns the "noodles" binary, a service running on port 1300, which allows a remote unauthenticated user to execute arbitrary commands. This is achieved by specifying the command within the system XML element. For instance, sending a <system>id</system> command results in a <system ack>ok</system ack> response. The vulnerability is related to the lack of input data sanitization in the camera's firmware, potentially allowing a remote attacker to exploit this weakness and execute commands using the "noodles" service on port 1300.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.