Vulnerability Details CVE-2018-4027
An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or network inputs. An attacker can send a specially crafted packet to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.5%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 7.8
References
Products affected by CVE-2018-4027
-
cpe:2.3:h:anker-in:roav_dashcam_a1:-
-
cpe:2.3:o:anker-in:roav_dashcam_a1_firmware:1.9