all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-840: (Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Add to bookmarks
June 21, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-6249.

arbitrary code attackers authentication buffer buffer overflow cam cameras code code execution cve cve-2024 cves cvss exploit handling ip cameras network overflow pwn2own rating remote code remote code execution stack tcp traffic vulnerability wyze wyze cam zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-883: Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability 3 days, 2 hours ago | www.zerodayinitiative.com
arbitrary code attackers authentication code +14
ZDI-24-882: VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability 4 days, 2 hours ago | www.zerodayinitiative.com
attackers authentication cve cve-2024 +16
ZDI-24-840: (Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication buffer +25
ZDI-24-839: (Pwn2Own) Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cam +21
ZDI-24-838: (Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cam +23
ZDI-24-837: (Pwn2Own) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication buffer +24
ZDI-24-836: (Pwn2Own) Synology BC500 update_ntp_config Command Injection Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cameras +16
ZDI-24-835: (Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
attackers authentication cameras cvss +11
ZDI-24-834: (Pwn2Own) Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
attacker attackers cameras code +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Ingénieur Développement Logiciel IoT H/F

@ Socomec Group | Benfeld, Grand Est, France
View on infosec-jobs.com

Architecte Cloud – Lyon

@ Sopra Steria | Limonest, France
View on infosec-jobs.com

Senior Risk Operations Analyst

@ Visa | Austin, TX, United States
View on infosec-jobs.com

Military Orders Writer

@ Advanced Technology Leaders, Inc. | Ft Eisenhower, GA, US
View on infosec-jobs.com

Senior Golang Software Developer (f/m/d)

@ E.ON | Essen, DE
View on infosec-jobs.com

Senior Revenue Operations Analyst (Redwood City)

@ Anomali | Redwood City, CA
View on infosec-jobs.com