17 matches found
PT-2025-31445 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera contains an improper validation of array index flaw that can lead to remote code execution. The issue was discovered...
PT-2025-31439 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera is susceptible to a stack-based buffer overflow, potentially leading to remote code execution. This issue was...
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
The vulnerability of the IQ microprogramming software-based Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the IQ microprogrammed IP camera system from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to elevate their privileges to root and gain full acce...
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to escalate their privileges to root and gain full access to the device through a connection usi...
The vulnerability of the DHIP microprogrammed IP camera software from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to execute arbitrary code.
The vulnerability of the DHIP microprogrammed IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting via the TCP...
The vulnerability of the DP microprogramming software-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is transmitted outside the buffer in memory. Exploiting this vulnerability allows an attacker to elevate their privileges to root and gain full access t...
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)
The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...
CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
CVE-2024-52545
Lorex 2K Indoor Wi‑Fi Security Camera is affected by CVE-2024-52545: an unauthenticated attacker can perform an out-of-bounds heap read in the IQ Service (TCP port 9876). The issue is resolved in firmware version 2.800.0000000.8.R.20241111. Remediation: push the firmware update to devices as prov...
CVE-2024-52544 Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow
An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service TCP port 3500. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...
Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞
Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker could exploit this vulnerability to perform an out-of-bounds heap read in t...
Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞
Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker exploiting this vulnerability could execute arbitrary operating system...
Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞
Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in the Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An authenticated attacker exploiting this vulnerability could trigger a stack-based...
Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞
Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker could exploit this vulnerability to perform null pointer dereferencing in t...
PT-2024-35369 · Lorex · Lorex 2K Indoor Wi-Fi Security Camera
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera versions prior to 2.800.0000000.8.R.20241111 Description: An attacker who can execute arbitrary Operating Systems commands can bypass code signing enforcements in the kernel and execute arbitrary native...
Exploit for CVE-2024-52544
Lorex 2K Indoor Wi-Fi Security Camera: RCE Exploit Chain O...