Vulnerability Details CVE-2018-20342
The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.5%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.2
References
- http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/
- https://neolex-security.fr/blog/8/
- https://neolex-security.fr/blog/7/
- http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/
- https://neolex-security.fr/blog/8/