Vulnerabilities > CVE-2022-40918 - Out-of-bounds Write vulnerability in Force1Rc Discovery Wifi U818A Hd+ FPV Firmware 2.0.10

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

force1rc

CWE-787

critical

NVD

Published: 2022-12-06

Updated: 2023-11-07

Summary

Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368

Vulnerable Configurations

Part	Description	Count
OS	Force1Rc Force1Rc Discovery Wifi U818A Hd+ FPV Firmware 2.0.10	1
Hardware	Force1Rc Force1Rc Discovery Wifi U818A Hd+ FPV -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References