Sign-up

ID

VAR-201905-0843


CVE

CVE-2018-4023


TITLE

Anker Roav A1 Dashcam Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015447

DESCRIPTION

An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. Anker Roav A1 Dashcam Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Novatek NT9665X Chipset is a chip for camera equipment. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Trust: 1.8

sources: NVD: CVE-2018-4023 // JVNDB: JVNDB-2018-015447 // VULHUB: VHN-134054 // VULMON: CVE-2018-4023

IOT TAXONOMY

category:['camera device']sub_category:dashcam

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:anker inmodel:roav dashcam a1scope:eqversion:1.9

Trust: 1.0

vendor:anker innovationsmodel:roav dashcam a1scope:eqversion:roava1swv1.9

Trust: 0.8

sources: JVNDB: JVNDB-2018-015447 // NVD: CVE-2018-4023

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4023
value: CRITICAL

Trust: 1.0

talos-cna@cisco.com: CVE-2018-4023
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-4023
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201905-325
value: CRITICAL

Trust: 0.6

VULHUB: VHN-134054
value: HIGH

Trust: 0.1

VULMON: CVE-2018-4023
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-4023
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-134054
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4023
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2018-4023
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2018-4023
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-134054 // VULMON: CVE-2018-4023 // JVNDB: JVNDB-2018-015447 // CNNVD: CNNVD-201905-325 // NVD: CVE-2018-4023 // NVD: CVE-2018-4023

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-134054 // JVNDB: JVNDB-2018-015447 // NVD: CVE-2018-4023

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-325

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-325

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015447

PATCH
title:Roav DashCam A1url:https://goroav.com/products/roav-dash-cam-a1
Trust: 0.8
title:NT9665X Chipset Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92490
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-015447 // 
            
            
            
            CNNVD: CNNVD-201905-325

EXTERNAL IDS
db:NVDid:CVE-2018-4023
Trust: 2.7
db:TALOSid:TALOS-2018-0695
Trust: 2.6
db:JVNDBid:JVNDB-2018-015447
Trust: 0.8
db:CNNVDid:CNNVD-201905-325
Trust: 0.7
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-134054
Trust: 0.1
db:VULMONid:CVE-2018-4023
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULHUB: VHN-134054 // 
            
            
            
            VULMON: CVE-2018-4023 // 
            
            
            
            JVNDB: JVNDB-2018-015447 // 
            
            
            
            CNNVD: CNNVD-201905-325 // 
            
            
            
            NVD: CVE-2018-4023

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0695
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-4023
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4023
Trust: 0.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0695
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/787.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULHUB: VHN-134054 // 
            
            
            
            VULMON: CVE-2018-4023 // 
            
            
            
            JVNDB: JVNDB-2018-015447 // 
            
            
            
            CNNVD: CNNVD-201905-325 // 
            
            
            
            NVD: CVE-2018-4023

CREDITS
Discovered by Lilith [<_<] of Cisco Talos.,Lilith [<_<] of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-325

SOURCES
db:OTHERid: - 
db:VULHUBid:VHN-134054
db:VULMONid:CVE-2018-4023
db:JVNDBid:JVNDB-2018-015447
db:CNNVDid:CNNVD-201905-325
db:NVDid:CVE-2018-4023

LAST UPDATE DATE
2025-01-30T21:39:10.090000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-134054date:2020-08-24T00:00:00
db:VULMONid:CVE-2018-4023date:2022-06-07T00:00:00
db:JVNDBid:JVNDB-2018-015447date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-325date:2020-08-25T00:00:00
db:NVDid:CVE-2018-4023date:2024-11-21T04:06:32.303

SOURCES RELEASE DATE
db:VULHUBid:VHN-134054date:2019-05-13T00:00:00
db:VULMONid:CVE-2018-4023date:2019-05-13T00:00:00
db:JVNDBid:JVNDB-2018-015447date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-325date:2019-05-13T00:00:00
db:NVDid:CVE-2018-4023date:2019-05-13T16:29:00.727