Back to overview

CVE-2026-15680

HIGH
7.5
CVSS 3.0
Description
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of JSON requests in the sonia binary. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-25884.

Metadata

CVE ID
CVE-2026-15680
State
PUBLISHED
Assigner
zdi
Reserved
2026-07-13 21:28 UTC
Published
2026-07-13 21:32 UTC
Last updated
2026-07-13 21:32 UTC
Primary CWE
CWE-134
CWE-134: Use of Externally-Controlled Format String
Vendor / Product
Lorex / 2K Indoor Wi-Fi Security Camera
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.0
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
Lorex 2K Indoor Wi-Fi Security Camera 2.800.020000000.3.R.20220331
Weakness (CWE)
CWESourceDescription
CWE-134 cna CWE-134: Use of Externally-Controlled Format String
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.5 HIGH 3.0 cna CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Back to overview