Samsung Smartcam devices are vulnerable to remote takeover via a malicious firmware update, researchers with the former GTVHacker group said. Samsung removed the web interface enabling the attack rather than patch the code in question. Samsung told Threatpost that the vulnerability affects only the SNH-1011 model and it will be removed in an upcoming firmware update. A request for comment from Samsung was not returned in time for publication. The flaw in iWatch can be exploited through a special filename stored in a tar command that is passed to a system call.
Source: https://threatpost.com/new-rce-flaws-found-in-samsung-smartcam/123146/