Vulnerability Details CVE-2022-40918
Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.5%
CVSS Severity
CVSS v3 Score 9.8
References
- https://1af95112-6fd8-4c8f-8bd6-c47f8ef7b77a.filesusr.com/ugd/c1f861_51eb0d33d5764efc93e9d5f19c306950.pdf
- https://medium.com/%40meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368
- https://1af95112-6fd8-4c8f-8bd6-c47f8ef7b77a.filesusr.com/ugd/c1f861_51eb0d33d5764efc93e9d5f19c306950.pdf
- https://medium.com/%40meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368
Products affected by CVE-2022-40918
-
cpe:2.3:h:force1rc:discovery_wifi_u818a_hd+_fpv:-
-
cpe:2.3:o:force1rc:discovery_wifi_u818a_hd+_fpv_firmware:2.0.10