CVE-2025-56438

MEDIUM

Nous W3 Smart WiFi Camera <1.33.50.82 - Privilege Escalation

Title source: llm
STIX 2.1

Description

An issue in the firmware update mechanism of Nous W3 Smart WiFi Camera v1.33.50.82 allows unauthenticated and physically proximate attackers to escalate privileges to root via supplying a crafted update.tar archive file stored on a FAT32-formatted SD card.

References (2)

Scores

CVSS v3 6.8
EPSS 0.0001
EPSS Percentile 1.8%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-345
Status published
Published Oct 24, 2025
Tracked Since Feb 18, 2026