CVE-2021-30166
The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.
Date published : 2021-04-28
https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e
https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388