LG surveillance cameras are vulnerable to remote attacks due to a recently discovered vulnerability. However, it has become known that they will not receive patches.
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported a vulnerability in LG Innotek LNV5110R cameras that allows for authentication bypass, enabling attackers to gain administrative access to the device.
The issue has been identified as CVE-2025-7742 and allows an attacker to upload data to the non-volatile storage of the device via an HTTP POST request, ultimately leading to remote code execution with elevated privileges.
CISA emphasized that the vulnerable cameras are used worldwide, including in the critical infrastructure of many commercial facilities.
Experts have notified representatives of LG Innotek about the issue; however, the manufacturer stated that the vulnerability cannot be patched because the product’s lifecycle has already ended.
Cybersecurity specialist Souvik Kandar from MicroSec, who is credited by CISA with discovering the vulnerability, reported that around 1,300 cameras can now be found online, which may be remotely hacked.
According to the researcher, attackers can exploit the vulnerability to gain access to live streams, disable the camera, and perform other malicious actions.
“This is an unauthenticated remote code execution vulnerability,” explained Kandar. “Attackers can upload a reverse shell without logging in, gain administrator privileges, execute arbitrary Linux commands, and use the device as a launch pad for infiltrating internal company networks.”
2025.02.06 — Let's Encrypt to stop sending expiration notification emails
The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision…
Full article →
2025.01.23 — Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts
Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code. This…
Full article →
2025.01.24 — Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer
Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into…
Full article →
2025.02.14 — 12,000 Kerio Control firewalls remain vulnerable to RCE
Security experts report that more than 12,000 GFI Kerio Control firewall instances remain vulnerable to the critical RCE vulnerability CVE-2024-52875, which was fixed…
Full article →
2025.04.15 — Hackers exploit authentication bypass bug in OttoKit WordPress plugin
Hackers exploit an authentication bypass vulnerability in the OttoKit (formerly SureTriggers) WordPress plugin used by more than 100,000 websites. First attacks were recorded just…
Full article →
2025.02.05 — Google patches Android zero-day vulnerability exploited by hackers
Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers. The zero-day's…
Full article →
2025.02.09 — Abandoned AWS S3 buckets could be used in attacks targeting supply chains
watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations. The researchers discovered…
Full article →
2025.04.16 — Android devices will restart every three days to protect user data
Google introduces a new security feature for Android devices: locked and unused devices will be automatically restarted after three days of inactivity to return their memory to an…
Full article →
2025.04.01 — Hackers abuse MU plugins to inject malicious payloads to WordPress
According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected. The technique was first discovered…
Full article →
2025.04.30 — Coinbase fixes 2FA bug that made customers panic
Cryptocurrency exchange Coinbase has fixed a bug in its Account Activity logs that caused customers to think their credentials were compromised. Earlier this month, BleepingComputer…
Full article →