CVE-2014-6433

GoPro HERO 3+ - Remote Code Execution via gpExec a1 or a2 Parameter

Title source: llm
STIX 2.1

Description

gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the (1) a1 or (2) a2 parameter in a start action.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-347/

Scores

EPSS 0.0332
EPSS Percentile 87.1%

Details

CWE
CWE-94
Status published
Products (2)
gopro/gopro_hero 3\+
gopro/gopro_hero_firmware 3\+
Published Oct 07, 2014
Tracked Since Feb 18, 2026