CVE-2018-4026

Published: May 13, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot.

Affected (1)

Products: Anker In: Roav Dashcam A1 Firmware

1 product

Roav Dashcam A1 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Anker In Roav Dashcam A1 Firmware	Version 1.9

Running on/with	Platform Versions
Anker In Roav Dashcam A1	All versions

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0698

Source: talos-cna@cisco.com

ExploitThird Party Advisory

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0698

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.