PT-2025-43637 · Unknown · Nous W3 Smart Wifi Camera
Published
2025-10-24
·
Updated
2025-10-24
·
CVE-2025-56438
CVSS v3.1
6.8
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nous W3 Smart WiFi Camera version 1.33.50.82
Description
A flaw exists in the firmware update process of the Nous W3 Smart WiFi Camera. An attacker in close physical proximity, without needing to authenticate, can gain root access by providing a specially crafted
update.tar archive file on a FAT32-formatted SD card. This allows for privilege escalation.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Fix
LPE
Insufficient Verification of Data Authenticity
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nous W3 Smart Wifi Camera