Lucene search
K

6 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/12/03 8:0 p.m.44 views

Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)

The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...

9.8CVSS8.4AI score0.01111EPSS
Exploits1
Cvelist
Cvelist
added 2024/12/03 5:23 p.m.38 views

CVE-2024-52546 Lorex 2K Indoor Wi-Fi Security Camera - Null pointer dereference

An unauthenticated attacker can perform a null pointer dereference in the DHIP Service UDP port 37810. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

5.3CVSS0.00769EPSS
Exploits1References2
CVE
CVE
added 2024/12/03 5:23 p.m.72 views

CVE-2024-52546

Lorex 2K Indoor Wi‑Fi Security Camera is affected by CVE-2024‑52546: an unauthenticated user can trigger a null pointer dereference in the DHIP Service (UDP port 37810). The issue is addressed in firmware version 2.800.0000000.8.R.20241111. The public sources describe an exploit chain affecting m...

5.3CVSS5.4AI score0.00769EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/12/03 5:20 p.m.11 views

CVE-2024-52545 Lorex 2K Indoor Wi-Fi Security Camera - Out of bounds heap read

An unauthenticated attacker can perform an out of bounds heap read in the IQ Service TCP port 9876. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

6.5CVSS7.1AI score0.00719EPSS
Exploits1References2
CNVD
CNVD
added 2022/10/10 12:0 a.m.17 views

TOTOLINK NR1800X setIpPortFilterRules method buffer overflow vulnerability

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK. designed to provide fast and easy deployment of NR fixed data services in homes and offices. A buffer overflow vulnerability exists in TOTOLINK NR1800X version V9.1.0u.6279B20210910, which stems from a lack o...

8.8CVSS9AI score0.00865EPSS
Exploits1References1
CNVD
CNVD
added 2022/10/10 12:0 a.m.42 views

TOTOLINK NR1800X setOpModeCfg buffer overflow vulnerability

TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China Gion Electronics TOTOLINK.Designed to provide fast and convenient deployment of NR fixed data services for homes and offices.TOTOLINK NR1800X V9.1.0u.6279B20210910 version is vulnerable to a buffer overflow vulnerability,...

8.8CVSS3.7AI score0.00865EPSS
Exploits1References1
Rows per page
Query Builder