VYPR

Roav A1 Dashcam

by Anker

CVEs (8)

  • CVE-2018-4029CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code…

  • CVE-2018-4023CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.

  • CVE-2018-4018CriMay 13, 2019
    risk 0.64cvss 9.8epss 0.02

    An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP…

  • CVE-2018-4028HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.01

    An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker…

  • CVE-2018-4027HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from…

  • CVE-2018-4026HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.01

    An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device…

  • CVE-2018-4025HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device…

  • CVE-2018-4024HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot.