CVE-2025-69986

HIGH

LSC Indoor Camera V7.6.32 - Buffer Overflow

Title source: llm

Description

A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport element. By sending a specially crafted SOAP request containing an oversized protocol string, an attacker can overflow the stack buffer, overwriting the return instruction pointer (RIP). This vulnerability allows for Denial of Service (DoS) via device crash or Remote Code Execution (RCE) in the context of the ONVIF service.

References (1)

https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2025-69986.md

View Writeup ZIP pw:eip

Scores

CVSS v3 7.2

EPSS 0.0018

EPSS Percentile 38.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-121 CWE-20

Status published

Published Mar 27, 2026

Tracked Since Mar 29, 2026