anker-in CVE Vulnerabilities & Metrics

Focus on anker-in vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About anker-in Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with anker-in. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total anker-in CVEs: 11
Earliest CVE date: 13 May 2019, 16:29 UTC
Latest CVE date: 13 May 2019, 16:29 UTC

Latest CVE reference: CVE-2018-4029

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical anker-in CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 7.33

Max CVSS: 10.0

Critical CVEs (≥9): 1

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	1
7.0-8.9	8
9.0-10.0	1

CVSS Distribution Chart

Top 5 Highest CVSS anker-in CVEs

These are the five CVEs with the highest CVSS scores for anker-in, sorted by severity first and recency.

CVE-2018-4018 anker-in Published on 13 May 2019, 16:29 UTC (CVSS: 10.0)
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or upgrade firmware request to trigger this vulnerability.
CVE-2018-4028 anker-in Published on 13 May 2019, 16:29 UTC (CVSS: 7.8)
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POST request to trigger this vulnerability.
CVE-2018-4027 anker-in Published on 13 May 2019, 16:29 UTC (CVSS: 7.8)
An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or network inputs. An attacker can send a specially crafted packet to trigger this vulnerability.
CVE-2018-4026 anker-in Published on 13 May 2019, 16:29 UTC (CVSS: 7.8)
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot.
CVE-2018-4025 anker-in Published on 13 May 2019, 16:29 UTC (CVSS: 7.8)
An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot.

All CVEs for anker-in

CVE-2018-4029 anker-in vulnerability CVSS: 7.5 13 May 2019, 16:29 UTC

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution.

CVE-2018-4028 anker-in vulnerability CVSS: 7.8 13 May 2019, 16:29 UTC

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POST request to trigger this vulnerability.

CVE-2018-4027 anker-in vulnerability CVSS: 7.8 13 May 2019, 16:29 UTC

An exploitable denial-of-service vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or network inputs. An attacker can send a specially crafted packet to trigger this vulnerability.

CVE-2018-4026 anker-in vulnerability CVSS: 7.8 13 May 2019, 16:29 UTC

An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot.

CVE-2018-4025 anker-in vulnerability CVSS: 7.8 13 May 2019, 16:29 UTC

An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot.

CVE-2018-4024 anker-in vulnerability CVSS: 7.8 13 May 2019, 16:29 UTC

An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot.

CVE-2018-4023 anker-in vulnerability CVSS: 7.5 13 May 2019, 16:29 UTC

An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.

CVE-2018-4018 anker-in vulnerability CVSS: 10.0 13 May 2019, 16:29 UTC

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or upgrade firmware request to trigger this vulnerability.

CVE-2018-4017 anker-in vulnerability CVSS: 3.3 13 May 2019, 16:29 UTC

An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability.

CVE-2018-4016 anker-in vulnerability CVSS: 5.8 13 May 2019, 16:29 UTC

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.

CVE-2018-4014 anker-in vulnerability CVSS: 7.5 13 May 2019, 16:29 UTC

An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.