CVE-2018-20050

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.

MISC: https://github.com/iamweifan/jooan/blob/master/es_poc.py
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20050

8 years
235 countries
252k users
1569k calculations
Logo www.eleksys.cz
Logo www.inv-technology.com
Logo ru.kedacom.com
Logo www.i4wifi.cz
Logo sectech.co.nz
Logo blog.camcloud.com