The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.Referenceshttps://www.twcert.org.tw/tw/cp-132-4676-391a5-1.htmlhttps://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdfhttps://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3ehttps://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388
