cbcvebase.
CVE-2024-37066
published 2024-07-19

CVE-2024-37066: A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222, which allows attackers to execute arbitrary commands over…

PriorityP260high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
1.83%
76.2th percentile
A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222, which allows attackers to execute arbitrary commands over Bluetooth as root during the camera setup process.

Affected

2 ranges
VendorProductVersion rangeFixed in
wyzecam_v4_firmware<= 4.52.4.9887
wyzewyze_cam_v4_pro<= 4.52.4.9887
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.