CVE-2018-4016

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

CVE-2018-4017

An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability...

Remote code execution

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution...

CVE-2018-4027

The CVE-2018-4027 entry maps to a denial-of-service flaw in the Novatek NT9665X chipset firmware used by the Anker Roav A1 Dashcam. The XML_UploadFile Wi‑Fi command (RoavA1_SW_V1.9) can be triggered by a specially crafted packet to cause a semaphore deadlock, locking WIFICMD_SEM_ID and potentiall...