6 matches found
CVE-2014-6434
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the 1 a1 or 2 a2 parameter in a restart action...
CVE-2014-6433
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the 1 a1 or 2 a2 parameter in a start action...
CVE-2014-6434
The CVE-2014-6434 issue affects GoPro HERO 3+ via gpExec. The vulnerability arises from insufficient parameter validation on the a1/a2 parameters when c1/c2 are set to restart, enabling remote code execution. Impact is remote execution of arbitrary commands on vulnerable devices without authentic...
CVE-2014-6433
CVE-2014-6433 concerns gpExec in the GoPro HERO 3+. The vulnerability arises from insufficient parameter validation for the a1/a2 parameters when the start action is invoked (c1/c2 set to start), enabling remote code execution. The primary publicly referenced detail is the ZDI advisory (ZDI-14-34...
(0Day) GoPro HERO 3+ gpExec restart Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GoPro HERO 3+. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gpExec component. This component performs insufficient parameter validation on the...
(0Day) GoPro HERO 3+ gpExec start Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GoPro HERO 3+. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gpExec component. This component performs insufficient parameter validation on the...