TLDR: The camera blindly copies and executes a shell script from any inserted SD card as root during boot. An attacker with physical access can achieve persistent root-level code execution. Backg...

Introduction After browsing AliExpress for a device to test, I came across a wireless ear cleaner. Having seen a video previously about a similar product on Matt Brown’s YouTube channel, I was curi...