We found an interesting, though low risk cross-site scripting issue in the ANNKE SP1 HD wireless camera, using firmware version v3.4.1.1604071109. What’s interesting is that the XSS is found when viewing available Wi-Fi access points in the Annke web interface. Hence, if you set up a rogue access point in range of your victim with SSID … Continue reading Nifty XSS in Annke SP1 HD wireless camera