Vulnerabilities (CVE)

Filtered by vendor Anker-in Subscribe
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-4029 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution.
CVE-2018-4028 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POST request to trigger this vulnerability.
CVE-2018-4027 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or network inputs. An attacker can send a specially crafted packet to trigger this vulnerability.
CVE-2018-4026 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot.
CVE-2018-4025 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot.
CVE-2018-4024 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot.
CVE-2018-4023 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.
CVE-2018-4018 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or upgrade firmware request to trigger this vulnerability.
CVE-2018-4017 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 3.3 LOW 8.8 HIGH
An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability.
CVE-2018-4016 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 5.8 MEDIUM 8.8 HIGH
An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
CVE-2018-4014 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.