CVE-2018-4026
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot.
Se presenta una vulnerabilidad explotable de Denegación de Servicio (DoS) en el comando Wi-Fi XML_GetScreen del de NT9665X Chipset firmware ejecutado en Anker Roav A1 Dashcam, versión RoavA1SWV1.9. Un conjunto de paquetes especialmente creados puede generar una anulación de memoria no válida, lo que conlleva a un reinicio del dispositivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-01-02 CVE Reserved
- 2019-05-13 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-754: Improper Check for Unusual or Exceptional Conditions
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2018-0698 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Anker-in Search vendor "Anker-in" | Roav Dashcam A1 Firmware Search vendor "Anker-in" for product "Roav Dashcam A1 Firmware" | 1.9 Search vendor "Anker-in" for product "Roav Dashcam A1 Firmware" and version "1.9" | - |
Affected
| in | Anker-in Search vendor "Anker-in" | Roav Dashcam A1 Search vendor "Anker-in" for product "Roav Dashcam A1" | - | - |
Safe
|