Published
2025-07-24
·
Updated
2025-08-01
·
CVE-2025-7742
8.3
High
| Base vector | Vector | AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions:
LG Innotek camera model LNV5110R
Description:
An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the device’s non-volatile storage. This action may result in remote code execution, allowing an attacker to run arbitrary commands on the target device at the administrator privilege level. Approximately 1,300 devices worldwide are potentially affected.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Authentication Bypass Using an Alternate Path or Channel