Vulnerability Details CVE-2022-40785
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.7%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-40785
-
cpe:2.3:h:mipcm:mipc_camera:-
-
cpe:2.3:o:mipcm:mipc_camera_firmware:5.3.1.2003161406