CVE-2024-52546

Summary

An unauthenticated attacker can perform a null pointer dereference in the DHIP Service (UDP port 37810). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111.

Affected Software

VendorProductVersion RangeStatus
Lorex2K Indoor Wi-Fi Security Camera0 < 2.800.0000000.8.R.20241111affected

Weaknesses

  • CWE-476: CWE-476 NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References