Authentication Bypass in LG Innotek Camera

July 24, 2025 invoker category_cve

CVE Details

Basic Information

Title Authentication Bypass in LG Innotek Camera
Type cve
Published 2025-07-24T23:28:32.443Z
Modified 2025-07-24T23:28:32.443Z

Product Information

Vendor LG Innotek
Product Camera Model LNV5110R
Version All

CVSS Information

Base Score 8.3 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products

  • LG Innotek Camera Model LNV5110R All

Additional Information

CWE List CWE-288
Source LGE

Description

An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the devices non-volatile storage. This action may result in remote code execution that allows an attacker to run arbitrary commands on the target device at the administrator privilege level.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.