PT-2025-31439 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera is susceptible to a stack-based buffer overflow, potentially leading to remote code execution. This issue was...

(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...

PT-2025-31445 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera affected versions not specified Description: The Lorex 2K Indoor Wi-Fi Security Camera contains an improper validation of array index flaw that can lead to remote code execution. The issue was discovered...

Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)

The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...

CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

CVE-2024-52545

Lorex 2K Indoor Wi‑Fi Security Camera is affected by CVE-2024-52545: an unauthenticated attacker can perform an out-of-bounds heap read in the IQ Service (TCP port 9876). The issue is resolved in firmware version 2.800.0000000.8.R.20241111. Remediation: push the firmware update to devices as prov...

CVE-2024-52544 Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow

An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service TCP port 3500. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞

Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker could exploit this vulnerability to perform null pointer dereferencing in t...

Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞

Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker exploiting this vulnerability could execute arbitrary operating system...

Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞

Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An attacker could exploit this vulnerability to perform an out-of-bounds heap read in t...

Lorex 2K Indoor Wi-Fi Security Camera 安全漏洞

Lorex 2K Indoor Wi-Fi Security Camera is a series of security cameras from Lorex Canada. A security vulnerability previously existed in the Lorex 2K Indoor Wi-Fi Security Camera version 2.800.0000000.8.R.20241111. An authenticated attacker exploiting this vulnerability could trigger a stack-based...

PT-2024-35369 · Lorex · Lorex 2K Indoor Wi-Fi Security Camera

Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera versions prior to 2.800.0000000.8.R.20241111 Description: An attacker who can execute arbitrary Operating Systems commands can bypass code signing enforcements in the kernel and execute arbitrary native...

Exploit for CVE-2024-52544

Lorex 2K Indoor Wi-Fi Security Camera: RCE Exploit Chain O...