CVE-2018-4027

Name of the Vulnerable Software and Affected Versions Anker Roav A1 Dashcam version RoavA1SWV1.9

Description A denial-of-service issue exists in the XML UploadFile Wi-Fi command of the NT9665X Chipset firmware. It can be triggered by a specially crafted packet, causing a semaphore deadlock that prevents the device from receiving physical or network inputs.

Recommendations For version RoavA1SWV1.9, as a temporary workaround, consider disabling the XML UploadFile Wi-Fi command until a patch is available. Restrict access to the Wi-Fi functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.