2 matches found
CVE-2018-4023
An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution...
CVE-2018-4023
The CVE-2018-4023 issue affects the NT9665X chipset firmware used in the Anker Roav A1 Dashcam (RoavA1_SW_V1.9). The vulnerability is in the XML_UploadFile Wi‑Fi command (command 5001) where the fixup_path routine copies user-supplied URL paths into a fixed-size stack buffer without bounds checki...