68 matches found
EUVD-2012-6304
Malware in sbrugna...
PT-2025-31439 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera is susceptible to a stack-based buffer overflow, potentially leading to remote code execution. This issue was...
PT-2025-31445 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera contains an improper validation of array index flaw that can lead to remote code execution. The issue was discovered...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Improper Validation of Array Index Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests sent to TCP port 9876. The...
CVE-2024-48799
An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2012-6451
Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability...
The vulnerability of the IQ microprogramming software-based Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the IQ microprogrammed IP camera system from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to elevate their privileges to root and gain full acce...
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to escalate their privileges to root and gain full access to the device through a connection usi...
The vulnerability of the DHIP microprogrammed IP camera software from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to execute arbitrary code.
The vulnerability of the DHIP microprogrammed IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting via the TCP...
The vulnerability of the DP microprogramming software-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows an attacker to elevate their privileges to root and gain full access t...
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)
The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)
The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...
CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52548
Lorex 2K Indoor Wi‑Fi Security Camera is affected by CVE-2024-52548 where an attacker can bypass kernel code signing enforcements and execute arbitrary native code. The issue is part of a five‑vulnerability exploit chain (CVE-2024-52544 to CVE-2024-52548) that enables unauthenticated RCE via a tw...
CVE-2024-52547 Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow
An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service TCP port 80. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52547
CVE-2024-52547 affects Lorex 2K Indoor Wi‑Fi Security Camera via the DHIP Service (TCP port 80) . An authenticated attacker can trigger a stack-based buffer overflow potentially enabling code execution. Vendor patch released in firmware version 2.800.0000000.8.R.20241111. Remediation: apply the f...
CVE-2024-52546 Lorex 2K Indoor Wi-Fi Security Camera - Null pointer dereference
An unauthenticated attacker can perform a null pointer dereference in the DHIP Service UDP port 37810. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...