CVE-2014-6433
CVE-2014-6433 concerns gpExec in the GoPro HERO 3+. The vulnerability arises from insufficient parameter validation for the a1/a2 parameters when the start action is invoked (c1/c2 set to start), enabling remote code execution. The primary publicly referenced detail is the ZDI advisory (ZDI-14-34...