Sign-up

ID

VAR-201905-0849


CVE

CVE-2018-4029


TITLE

Anker Roav A1 Dashcam Vulnerable to out-of-bounds writing

Trust: 0.8

sources: JVNDB: JVNDB-2018-015440

DESCRIPTION

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution. Anker Roav A1 Dashcam Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Novatek NT9665X Chipset is a chip for camera equipment. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Trust: 1.8

sources: NVD: CVE-2018-4029 // JVNDB: JVNDB-2018-015440 // VULHUB: VHN-134060 // VULMON: CVE-2018-4029

AFFECTED PRODUCTS

vendor:anker inmodel:roav dashcam a1scope:eqversion:1.9

Trust: 1.0

vendor:anker innovationsmodel:roav dashcam a1scope:eqversion:roava1swv1.9

Trust: 0.8

sources: JVNDB: JVNDB-2018-015440 // NVD: CVE-2018-4029

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4029
value: CRITICAL

Trust: 1.0

talos-cna@cisco.com: CVE-2018-4029
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-4029
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201905-330
value: CRITICAL

Trust: 0.6

VULHUB: VHN-134060
value: HIGH

Trust: 0.1

VULMON: CVE-2018-4029
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-4029
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-134060
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4029
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2018-4029
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2018-4029
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-134060 // VULMON: CVE-2018-4029 // JVNDB: JVNDB-2018-015440 // CNNVD: CNNVD-201905-330 // NVD: CVE-2018-4029 // NVD: CVE-2018-4029

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.9

sources: VULHUB: VHN-134060 // JVNDB: JVNDB-2018-015440 // NVD: CVE-2018-4029

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-330

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-330

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015440

PATCH
title:Roav DashCam A1url:https://goroav.com/products/roav-dash-cam-a1
Trust: 0.8
title:NT9665X Chipset Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92495
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-015440 // 
            
            
            
            CNNVD: CNNVD-201905-330

EXTERNAL IDS
db:TALOSid:TALOS-2018-0701
Trust: 2.6
db:NVDid:CVE-2018-4029
Trust: 2.6
db:JVNDBid:JVNDB-2018-015440
Trust: 0.8
db:CNNVDid:CNNVD-201905-330
Trust: 0.7
db:VULHUBid:VHN-134060
Trust: 0.1
db:VULMONid:CVE-2018-4029
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134060 // 
            
            
            
            VULMON: CVE-2018-4029 // 
            
            
            
            JVNDB: JVNDB-2018-015440 // 
            
            
            
            CNNVD: CNNVD-201905-330 // 
            
            
            
            NVD: CVE-2018-4029

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0701
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-4029
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4029
Trust: 0.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0701
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/787.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134060 // 
            
            
            
            VULMON: CVE-2018-4029 // 
            
            
            
            JVNDB: JVNDB-2018-015440 // 
            
            
            
            CNNVD: CNNVD-201905-330 // 
            
            
            
            NVD: CVE-2018-4029

CREDITS
Lilith [
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-330

SOURCES
db:VULHUBid:VHN-134060
db:VULMONid:CVE-2018-4029
db:JVNDBid:JVNDB-2018-015440
db:CNNVDid:CNNVD-201905-330
db:NVDid:CVE-2018-4029

LAST UPDATE DATE
2024-11-23T22:41:30.133000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-134060date:2019-05-16T00:00:00
db:VULMONid:CVE-2018-4029date:2022-06-07T00:00:00
db:JVNDBid:JVNDB-2018-015440date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-330date:2019-05-22T00:00:00
db:NVDid:CVE-2018-4029date:2024-11-21T04:06:33.310

SOURCES RELEASE DATE
db:VULHUBid:VHN-134060date:2019-05-13T00:00:00
db:VULMONid:CVE-2018-4029date:2019-05-13T00:00:00
db:JVNDBid:JVNDB-2018-015440date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-330date:2019-05-13T00:00:00
db:NVDid:CVE-2018-4029date:2019-05-13T16:29:01.100