CVE-2022-40918
Published: 06 December 2022
Summary
CVE-2022-40918 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Force1Rc Discovery Wifi U818A Hd\+ Fpv Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 10.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-40918 is a buffer overflow vulnerability in the lewei_cam binary version 2.0.10 contained in the firmware of the Force 1 Discovery Wifi U818A HD+ FPV Drone. The flaw, classified under CWE-787, permits an unauthenticated network attacker to trigger out-of-bounds writes through a specially crafted UDP packet.
An attacker with network adjacency to the drone can exploit the issue to obtain remote code execution with root privileges, resulting in full control over the device. The vulnerability carries a CVSS 3.1 score of 9.8 reflecting its network-exploitable nature without credentials or user interaction.
No vendor advisories or official patches are referenced in the supplied data. Public references instead point to technical write-ups and research PDFs that detail the binary and related drone camera modules.
EPSS for the CVE rose from lower values to a recorded peak of 0.0713 on 2025-12-11 before receding to the current score of 0.0435.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-44170
Vulnerability details
Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these…
more
links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.