Primary

Context

LG Innotek LNV5110R Camera Authentication Vulnerability Allowing Remote Code Execution

Vulnerability

An authentication vulnerability has been identified in the LG Innotek camera model LNV5110R, all firmware versions. This vulnerability allows a malicious actor to upload an HTTP POST request to the device's non-volatile storage, potentially leading to remote code execution. Exploitation of this vulnerability would enable an attacker to execute arbitrary commands on the device with administrative privileges.

Impact

Exploitation of this vulnerability could result in unauthorized administrative access to the affected camera, allowing for arbitrary code execution with elevated privileges.

Remediation

LG Innotek has acknowledged this vulnerability but stated that the LNV5110R model is an end-of-life product that cannot be patched. Users are advised to consult the LG Security Center for further guidance.

Added: Jul 25, 2025, 12:32 AM

Updated: Jul 25, 2025, 12:32 AM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

4.4

remediation

8.3

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

4.4

remediation

8.3

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LG Innotek LNV5110R Camera Authentication Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

LG Innotek LNV5110R

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating