A critical zero-day vulnerability has been identified in the Arcadyan FMIMG51AX000J model and potentially other devices affiliated with the WiFi Alliance. This flaw allows remote attackers to execute arbitrary code.
An independent security researcher working with SSD Secure Disclosure identified the vulnerability, tracked as CVE-2024-41992.
Despite reaching out to the WiFi Alliance via CERT VINCE in April 2024 (Case VU#123336), there has been no clear timeline for a fix.
https://cybersecuritynews.com/zero-day- ... i-devices/