描述
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
AI分析AI驱动
受影响产品
owletcarecam_firmware
owletcarecam
-
owletcarecam_2_firmware
owletcarecam_2
-
throughtekkalay_platform
-
参考资料
- https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/ExploitThird Party Advisory
- https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/ExploitThird Party Advisory