[CVE-2018-16222 to 16225] Multiple Vulnerabilities in QBee and iSmartAlarm Products
The preface of the disclosure of CVE-2018-16225 (https://blog.francescoservida.ch/2018/09/16/cve-2018-16225-public-disclosure-qbee-camera-vulnerability/) contained a little lie: I did not findĀ one vulnerability during the research for my master thesis, butĀ four, three of which were still being patched by the vendor/under the 90 days disclosure timeframe given to the vendor. (more…)
[CVE-2018-16225] Public Disclosure – QBee Camera Vulnerability
During the research for my master thesis on IoT forensics: "Internet of Things: Traces, Vulnerabilities and Forensic Challenges" (more about it in the future), I found one vulnerability in the QBee Multisensor Camera (https://qbeecam.com/).
(more…)