2 matches found
CVE-2018-13114
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera YPC99 allow an attacker to execute arbitrary commands with a length limit of 19 characters via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command...
CVE-2018-13114
CVE-2018-13114 affects the KERUI Wifi Endoscope Camera (YPC99). The issue arises from missing authentication and improper input validation in the device’s SETSSID handling, enabling an attacker to inject commands through the ssid field (example: ssid:;ping 192.168.1.2) with a command length limit...