Lucene search

TalosCVELIST:CVE-2018-4028

HistoryMay 13, 2019 - 3:40 p.m.

CVE-2018-4028

2019-05-1315:40:35

talos

www.cve.org

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

42.8%

JSON

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POST request to trigger this vulnerability.

CNA Affected

[
  {
    "product": "Novatek",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Anker Roav A1 Dashcam RoavA1SWV1.9"
      }
    ]
  }
]

References

talosintelligence.com/vulnerability_reports/TALOS-2018-0700

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

42.8%

JSON

Related for CVELIST:CVE-2018-4028