CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-4023

An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.1%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0695
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0695

Products affected by CVE-2018-4023

Anker-In » Roav Dashcam A1 » Version: N/A

cpe:2.3:h:anker-in:roav_dashcam_a1:-
Anker-In » Roav Dashcam A1 Firmware » Version: 1.9

cpe:2.3:o:anker-in:roav_dashcam_a1_firmware:1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-4023

Products

Pricing

Contact Us