The vulnerability of the development package for integrating cloud services and communication functions in IoT devices. The Kalay SDK, a microprogramming software for video surveillance cameras like Owlet Cam v1 and Owlet Cam v2, has a flaw related to the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands and increase their privileges.
The vulnerability of the development package for integrating cloud services and communication functions in IoT devices is related to the failure to remove special elements used in the operating system’s command set when executing system calls like IOCTL during the unpacking of updates. Exploiting...