CVE-2025-69986

Name of the Vulnerable Software and Affected Versions LSC Indoor Camera version 7.6.32

Description A buffer overflow issue exists in the ONVIF GetStreamUri function. The application does not properly check the length of the Protocol parameter within the Transport element. An attacker can exploit this by sending a crafted SOAP request with an oversized protocol string, leading to a stack buffer overflow and overwriting the return instruction pointer (RIP). This can result in a Denial of Service (DoS) through device crashes or potentially allow for Remote Code Execution (RCE) within the ONVIF service context.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.