CVE-2026-36933
Deferred Deferred - Pending Action

Arbitrary Code Execution in Boyleep K11 Firmware

Vulnerability report for CVE-2026-36933, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-15

Last updated on: 2026-06-16

Assigner: MITRE

Description

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-15
Last Modified
2026-06-16
Generated
2026-07-06
AI Q&A
2026-06-15
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
boyleep k11 2.3.0.11291
ease_life surveillance_camera 2.3.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Boyleep K11, y108 firmware version 2.3.0.11291, specifically in the Ease Life surveillance camera. It allows a physically proximate attacker to execute arbitrary code by exploiting the factory test feature that is enabled by default.

The attacker can insert a microSD card containing specially crafted files into the device. These files interact with the factorytest.sh script and related components such as test.md5sum and auth.ini within the factorytest directory, enabling the attacker to gain root access.

The exploit involves reverse engineering the firmware, extracting it from SPI flash memory, and analyzing the binary to identify insecure factory reset functionality. The camera's weak security posture, including no exposed services and reliance on encrypted firmware updates, makes this vulnerability critical.

Impact Analysis

Successful exploitation of this vulnerability grants an attacker full control over the affected device.

  • The attacker can execute arbitrary commands with root privileges.
  • This can lead to compromise of user privacy by accessing or manipulating video feeds or stored data.
  • It can also compromise network security by using the device as a foothold for further attacks within the network.
Detection Guidance

This vulnerability can be detected by checking if the device has the factory test mode enabled by default and if it is possible to access the factorytest directory on the device's microSD card or storage.

Specifically, detection involves verifying the presence of files such as factorytest.sh, test.md5sum, and auth.ini within the factorytest directory on the device.

Since the exploit requires physical access to insert a microSD card with crafted files, network detection might be limited; however, inspecting the device firmware or filesystem for these components can help identify vulnerability.

Suggested commands (assuming access to the device shell or extracted firmware filesystem):

  • ls /factorytest/ # Check for presence of factorytest.sh, test.md5sum, auth.ini
  • cat /factorytest/factorytest.sh # Review the script for insecure code
  • Check for microSD card insertion and contents if physically accessible.
Mitigation Strategies

Immediate mitigation steps include disabling or removing the factory test feature that is enabled by default on the device.

Physically restricting access to the device to prevent insertion of malicious microSD cards is critical.

If possible, update the device firmware to a version that patches this vulnerability or apply vendor-provided fixes.

Review and remove or secure the factorytest directory and related scripts such as factorytest.sh, test.md5sum, and auth.ini to prevent exploitation.

Monitor the device for any unauthorized physical access or suspicious activity.

Compliance Impact

The vulnerability in the Ease Life surveillance camera firmware allows an attacker to gain root access and full control over the device by exploiting the factory test feature. This level of unauthorized access can lead to compromise of user privacy and network security.

Such a compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal data and secure handling of sensitive information. Unauthorized control over surveillance devices may lead to data breaches or unauthorized data access, violating these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36933. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart