Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.
References
Link | Resource |
---|---|
https://github.com/iamweifan/jooan/blob/master/es_poc.py | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-12-10 14:29
Updated : 2020-08-24 10:37
NVD link : CVE-2018-20050
Mitre link : CVE-2018-20050
JSON object : View
CWE
Products Affected
qacctv
- jooan_ja-q1h_wi-fi_camera_firmware
- jooan_ja-q1h_wi-fi_camera