CVE-2018-20050

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.

MISC: https://github.com/iamweifan/jooan/blob/master/es_poc.py
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20050

14 years
257 countries
689k users
4556k calculations
Logo www.use-ip.co.uk
Logo reolink.com
Logo www.elsec.cz
Logo ipcamtalk.com
Logo www.i4wifi.cz
Logo www.a1securitycameras.com