CVE-2022-40918

CRITICAL

Force 1 Discovery Wifi U818A HD+ FPV Drone <2.0.10 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368

Scores

CVSS v3 9.8
EPSS 0.0175
EPSS Percentile 75.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-787
Status published
Products (1)
force1rc/discovery_wifi_u818a_hd\+_fpv_firmware 2.0.10
Published Dec 06, 2022
Tracked Since Feb 18, 2026