Vulnerability Details CVE-2024-37066
A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222, which allows attackers to execute arbitrary commands over Bluetooth as root during the camera setup process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.0%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2024-37066
-
cpe:2.3:h:wyze:cam_v4:-
-
cpe:2.3:o:wyze:cam_v4_firmware:4.52.3.9455
-
cpe:2.3:o:wyze:cam_v4_firmware:4.52.4.9887