Primary

Context

INSTAR 2K+ and 4K Backend IPC Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in INSTAR 2K+ and 4K cameras running firmware version 3.11.1 Build 1124. This issue affects the Backend IPC Server component, where an unknown code manipulation leads to a crash of the camera, requiring a reboot for recovery. The vulnerability can be exploited remotely without authentication.

Impact

Exploitation of this vulnerability causes the camera to crash, disrupting its functionality and requiring a manual reboot to restore normal operation.

Remediation

Users are advised to apply the firmware update provided by INSTAR to address this vulnerability. Additionally, implementing restrictive firewall rules can help mitigate the risk of remote exploitation.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

INSTAR 2K+ and 4K Backend IPC Server Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating