CVE-2025-65817

HIGH

LSC Smart Connect Indoor IP Camera <1.4.13 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-65817. PoCs published by Istaarkk.

AI-analyzed exploit summary: This PoC exploits a vulnerability in LSC Smart Connect Camera firmware 1.14.13 by abusing the SD-card update hook to execute arbitrary commands as root via a malicious `update.nor.sh` script. The exploit spawns a telnetd shell on port 2323, demonstrating remote code execution.

Description

LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in start_app.sh.

Exploits (1)

nomisec WORKING POC 9 stars
by Istaarkk · poc
https://github.com/Istaarkk/CVE-2025-65817

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: LSC Smart Connect Camera firmware 1.14.13
No auth needed
Prerequisites: Physical access to the SD card slot or ability to insert a malicious SD card · SD card formatted and writable
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.8
EPSS 0.0031
EPSS Percentile 22.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-94
Status published
Products (1)
lsc/smart_connect_indoor_ip_camera_firmware 1.4.13
Published Dec 22, 2025
Tracked Since Feb 18, 2026