76 matches found
EUVD-2026-43542
Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. User interaction is not required to...
EUVD-2026-43546
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15680
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15683
Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. User interaction is not required to...
CVE-2026-15680
CVE-2026-15680 affects Lorex 2K Indoor Wi‑Fi Security Camera. The vulnerability is in the sonia binary’s JSON request parsing, where lack of validation of a user‑supplied string used as a format specifier can allow a network‑adjacent attacker to execute arbitrary code with root privileges. Authen...
CVE-2026-15680 Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15683 Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability
Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. User interaction is not required to...
CVE-2026-15683
Affected product/area: Lorex 2K Indoor Wi‑Fi Security Camera – Device Management Server. Vulnerability: Improper certificate validation in the device management functionality. The flaw stems from lack of proper validation of the server’s certificate, enabling network‑adjacent attackers to execute...
EUVD-2012-6304
Malware in sbrugna...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Improper Validation of Array Index Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests sent to TCP port 9876. The...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
PT-2025-31439 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera is susceptible to a stack-based buffer overflow, potentially leading to remote code execution. This issue was...
PT-2025-31445 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera contains an improper validation of array index flaw that can lead to remote code execution. The issue was discovered...
CVE-2024-48799
An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2012-6451
Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability...
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to escalate their privileges to root and gain full access to the device through a connection usi...
The vulnerability of the IQ microprogramming software-based Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the IQ microprogrammed IP camera system from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to elevate their privileges to root and gain full acce...
The vulnerability of the DP microprogramming software-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows an attacker to elevate their privileges to root and gain full access t...
The vulnerability of the DHIP microprogrammed IP camera software from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to execute arbitrary code.
The vulnerability of the DHIP microprogrammed IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting via the TCP...