CVE-2024-37066 Information

Description

A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222 which allows attackers to execute arbitrary commands over Bluetooth as root during the camera setup process.

Reference

https://hiddenlayer.com/sai-security-advisory/2024-7-wyze/ https://forums.wyze.com/t/security-advisory/289256