Phicomm K2 v22.6.534.263 exists to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
phicomm k2_firmware 22.6.534.263