Firmware Upload Vulnerability in BlackVue DR750-2CH LTE v.1.012_2022.10.26

Firmware Upload Vulnerability in BlackVue DR750-2CH LTE v.1.012_2022.10.26

CVE-2023-27748 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.