11 matches found
CVE-2026-58454
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...
CVE-2026-58454 JAIOTlink C492A-W6 4.8.30.57701411 RCE via /Anyka/config Endpoint
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...
CVE-2026-58454
Affected product : JAIOTlink C492A-W6 Wi‑Fi IP cameras running firmware 4.8.30.57701411. Vulnerability : remote code execution via the authenticated /Anyka/config HTTP endpoint. Root cause / vector : attackers with authentication can write to writable persistent JFFS2 storage, stage a malicious s...
CVE-2026-58454
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...
CVE-2026-58453 JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...
CVE-2026-58453
JAIOTlink C492A-W6 Wi‑Fi IP cameras (firmware 4.8.30.57701411) are affected by CVE-2026-58453 due to hard-coded credentials. An attacker on the network can authenticate to the anyka_ipc HTTP service (port 80) using the default admin username with an empty password, gaining unauthorized access to ...
EUVD-2026-41049
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...
CVE-2026-58452 JAIOTlink C492A-W6 4.8.30.57701411 OS Command Injection via SetMAC Endpoint
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...
CVE-2026-58452
The CVE covers JAIOTlink C492A-W6 Wi‑Fi IP cameras running firmware 4.8.30.57701411. Affected component is the NetSDK/Factory SetMAC HTTP PUT endpoint. The root cause is an OS command injection where a malicious Wireless parameter (starting with a MAC-like prefix, then a semicolon and a shell pay...
CVE-2026-58452
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...
EUVD-2026-41048
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...