CVE-2018-20050

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.
References
Link Resource
https://github.com/iamweifan/jooan/blob/master/es_poc.py Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qacctv:jooan_ja-q1h_wi-fi_camera_firmware:21.0.0.91:*:*:*:*:*:*:*
cpe:2.3:h:qacctv:jooan_ja-q1h_wi-fi_camera:-:*:*:*:*:*:*:*

Information

Published : 2018-12-10 14:29

Updated : 2020-08-24 10:37


NVD link : CVE-2018-20050

Mitre link : CVE-2018-20050


JSON object : View

Advertisement

dedicated server usa

Products Affected

qacctv

  • jooan_ja-q1h_wi-fi_camera_firmware
  • jooan_ja-q1h_wi-fi_camera