CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-20050

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

https://github.com/iamweifan/jooan/blob/master/es_poc.py
https://github.com/iamweifan/jooan/blob/master/es_poc.py

Products affected by CVE-2018-20050

Qacctv » Jooan Ja-Q1h Wi-Fi Camera » Version: N/A

cpe:2.3:h:qacctv:jooan_ja-q1h_wi-fi_camera:-
Qacctv » Jooan Ja-Q1h Wi-Fi Camera Firmware » Version: 21.0.0.91

cpe:2.3:o:qacctv:jooan_ja-q1h_wi-fi_camera_firmware:21.0.0.91

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20050

Products

Pricing

Contact Us