Blurams Lumi A31C
0 remedies
cpe:2.3:h:blurams:lumi_security_camera_a31c:*:*:*:*:*:*:*, +1 more
0 remedies
- 23.1227.472.2926
Blurams Lumi Security Camera Bootloader Override Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A vulnerability in the Blurams Lumi Security Camera model A31C, specifically in version 23.1227.472.2926, allows local physical attackers to execute arbitrary code by overriding the bootloader on the SD card. This is achieved through a reverse-engineered update mechanism that can be exploited by inserting a modified SD card and power cycling the device.
Impact
Exploitation of this vulnerability leads to unauthorized arbitrary code execution on the device with root privileges.
Reproduction
The vulnerability can be reproduced by inserting an SD card programmed with a specific payload that exploits the camera's update mechanism. After inserting the SD card, the device must be power cycled, which triggers the bootloader to read the modified update file from the SD card. The injected code is then executed, resulting in a root shell on the device.
Added: Nov 24, 2025, 10:18 PM
Updated: Nov 24, 2025, 10:18 PM
Vulnerability Rating
Custom Algorithm
spread
0.3impact
7.5exploitability
4.8remediation
0.0relevance
1.1threat
6.4urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.