No announcement yet.

CVE-2018-4018 Novatek NT9665X HTTP Upload Firmware Update Vulnerability

  • Filter
  • Time
  • Show
Clear All
new posts

  • CVE-2018-4018 Novatek NT9665X HTTP Upload Firmware Update Vulnerability

    I just stumbled across something interesting regarding novatek hacking:


    Actually someone (Lilith from Cisco Talos) discovered a vulnerability in wifi enabled novatek dashcams.
    You can read more details here:

    It even mentions the checksum cracking done by ntkcalc and packing via bfc4ntk

    It's listed at MITRE and NIST:

    According to their timeline, Novatek needs to know about the firmware hacking by now
    2019-01-22 - TWNCERT contacted Novatek and advised Novatek will check emails for reports
    2019-03-06 - 90+ day follow up - Talos asks TWNCERT for direct point of contact for Novatek
    2019-03-27 - Talos sends follow up to TWNCERT
    2019-04-02 - Talos sends copies of email correspondence and reports to TWNCERT
    2019-04-18 - Suggested pubic disclosure date of 2019-05-13 (171 days after initial disclosure)
    2019-04-19 - Vendor fixed issue and provided patch to their IDH

    Have a nice day,
    [email protected]
    Last edited by [email protected]; 01-24-2020, 05:03 PM.

  • #2
    "any NT96650 device it is surmised), it will look for the “A:\FW96658A.bin” file"
    Isn't it A:\FW96650A.bin?
    Donate here if you want to support my efforts and this site.

    Email me if you have any offers, requests or ideas.


    • Tobi@s
      [email protected] commented
      Editing a comment
      Good catch, I think you're right.
      To be sure one might check Roav A1 1.9 firmware