Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Flock Safety Android Collins application (aka com.flocksafety.android.collins) 6.35.31 for Android lacks authentication. It is responsible for the camera feed on Falcon, Sparrow, and Bravo devices, but exposes administrative API endpoints on port 8080 without authentication. Endpoints include but are not limited to: /reboot, /logs, /crashpack, and /adb/enable. This results in multiple impacts including denial of service (DoS) via /reboot, information disclosure via /logs, and remote code execution (RCE) via /adb/enable. The latter specifically results in adb being started over TCP without debugging confirmation, providing an attacker in the LAN/WLAN with shell access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Flock Safety Android Collins 安全漏洞
Vulnerability Description
Flock Safety Android Collins是美国Flock Safety公司的一个管理摄像头的应用模块。 Flock Safety Android Collins 6.35.31版本存在安全漏洞,该漏洞源于缺乏身份验证,可能导致拒绝服务、信息泄露和远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A