Vulnerabilities > CVE-2018-20050 - Unspecified vulnerability in Qacctv Jooan Ja-Q1H Wi-Fi Camera Firmware 21.0.0.91

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

qacctv

NVD

Published: 2018-12-10

Updated: 2020-08-24

Summary

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.

Vulnerable Configurations

Part	Description	Count
OS	Qacctv Qacctv Jooan JA Q1H WI FI Camera Firmware 21.0.0.91	1
Hardware	Qacctv Qacctv Jooan JA Q1H WI FI Camera -	1

References

https://github.com/iamweifan/jooan/blob/master/es_poc.py