PT-2022-25618 · Lewei Cam · Lewei Cam
Published
2022-12-05
·
Updated
2022-12-08
·
CVE-2022-40918
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
lewei cam binary version 2.0.10
Description
A buffer overflow issue in the firmware of the lewei cam binary allows an attacker to gain remote code execution as a root user. This can be achieved by sending a specially crafted UDP packet.
Recommendations
For lewei cam binary version 2.0.10, update the firmware to a version that fixes this issue. As a temporary workaround, consider restricting access to the UDP endpoint to minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lewei Cam