CVE-2024-48214 - Tuya Camera Command Injection Vulnerability

3 weeks ago 9
ARTICLE AD BOX
CVE ID : CVE-2024-48214
Published : Oct. 30, 2024, 6:15 p.m. | 24 minutes ago
Description : KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that connects to the local network via a QR code. This vulnerability allows an attacker to create a custom, unauthenticated QR code and abuse one of the parameters, either SSID or PASSWORD, in the JSON data contained within the QR code. By that, the attacker can execute arbitrary code on the camera.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article