top of page
perceptive_background_267k.jpg

A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Prot…

Published:

26 maart 2026 om 23:00:00

Alert date:

27 maart 2026 om 20:07:04

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT

A buffer overflow vulnerability in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32 allows attackers to cause denial of service or achieve remote code execution. The vulnerability stems from inadequate validation of the Protocol parameter length in the Transport element. Attackers can exploit this by sending crafted SOAP requests with oversized protocol strings that overflow the stack buffer and overwrite the return instruction pointer. This enables both DoS attacks through device crashes and potential RCE within the ONVIF service context.

Technical details

Mitigation steps:

Affected products:

LSC Indoor Camera

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-69986
https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2025-69986.md

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page