CVE-2018-12257
CVE-2018-12257 affects Momentum Axel 720P 5.1.8. An authenticated root user with CLI access can remotely upgrade firmware to a custom image by exploiting DNS hijacking and the device’s lack of SSL validation: changing /etc/resolv.conf to point to the attacker’s server, then serving the expected H...