Published: 30/04/2021 Updated: 07/05/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated malicious user to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1 in rtsp_svc (or cause a crash). This allows remote takeover of a Furbo Dog Camera, for example.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ambarella oryx rtsp server 2020-01-07

Furbo Security Research

Furbo Security Research Exploit 1: An exploit for CVE-2020-24918, which is a buffer overflow in the RTSP Service running on the Furbo Dog Camera Model: Furbo2 The exploit relies on the fact that the RTSP Service restarts after crashing, so the base address of libc can be bruteforced Occasionally, the device may end up in a bad state and require a power cycle Upon successful

CWE-120 https://www.ambarella.com https://www.somersetrecon.com/blog https://somersetrecon.squarespace.com/blog/2021/hacking-the-furbo-part-1 https://nvd.nist.gov https://github.com/Somerset-Recon/furbo-research

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-24918

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect