17 matches found
CVE-2026-58453
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...
CVE-2026-58454 JAIOTlink C492A-W6 4.8.30.57701411 RCE via /Anyka/config Endpoint
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...
EUVD-2026-41049
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...
CVE-2026-58453 JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...
CVE-2026-58453
JAIOTlink C492A-W6 Wi‑Fi IP cameras (firmware 4.8.30.57701411) are affected by CVE-2026-58453 due to hard-coded credentials. An attacker on the network can authenticate to the anyka_ipc HTTP service (port 80) using the default admin username with an empty password, gaining unauthorized access to ...
CVE-2025-63296
KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup /usr/sbin/anykaservice.sh scans mounted TF/SD cards and, if /mnt/update.nor.sh is present, copies it to /tmp/net.sh and executes it as root...
EUVD-2023-34820
Malicious code in bioql PyPI...
CVE-2023-30400
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
CVE-2025-25680
LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...
CVE-2023-30400
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
CVE-2023-30400
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
CVE-2023-30400
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
Command injection
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
CVE-2023-30400
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating system allows attackers to perform arbitrary command execution via a crafted wifi SSID or password...
PT-2023-22672 · Anyka Microelectronics · Ak3918Ev300
Name of the Vulnerable Software and Affected Versions: Anyka Microelectronics AK3918EV300 MCU version 18 Description: An issue was discovered in the network configuration script within the MCU's operating system, allowing attackers to perform arbitrary command execution via a crafted wifi SSID or...
CVE-2023-30400
CVE-2023-30400 affects Anyka Microelectronics AK3918EV300 MCU v18. The issue is a command injection in the MCU’s network configuration script, enabling arbitrary command execution when a crafted wifi SSID or password is processed. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector, low...
Anyka Microelectronics AK3918EV300 MCU 命令注入漏洞
Anyka Microelectronics AK3918EV300 MCU is a single chip from Anyka Microelectronics China. A security vulnerability exists in the Anyka Microelectronics AK3918EV300 MCU v18. The vulnerability can be exploited by an attacker to execute arbitrary commands via a specially crafted wifi SSID or passwo...