CVE-2018-4016

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:anker-in:roav_dashcam_a1_firmware:roava1swv1.9:*:*:*:*:*:*:*
cpe:2.3:h:anker-in:roav_dashcam_a1:-:*:*:*:*:*:*:*

History

07 Jun 2022, 16:41

Type Values Removed Values Added
CVSS v2 : 7.5
v3 : 9.8
v2 : 5.8
v3 : 8.8

Information

Published : 2019-05-13 16:29

Updated : 2023-12-10 12:59


NVD link : CVE-2018-4016

Mitre link : CVE-2018-4016

CVE.ORG link : CVE-2018-4016


JSON object : View

Products Affected

anker-in

  • roav_dashcam_a1
  • roav_dashcam_a1_firmware
CWE
CWE-787

Out-of-bounds Write