CVE-2025-8760

CRITICAL

INSTAR 2K+/4K <3.11.1.1124 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-8760. PoCs published by born0monday.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2025-8760, a stack-based buffer overflow vulnerability in INSTAR 2K+/4K cameras (version <= 3.10.0). The exploit leverages ROP chains to achieve remote code execution (RCE) by overflowing a buffer and manipulating the stack to execute arbitrary commands.

Description

A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely.

Exploits (1)

github WORKING POC 4 stars

by born0monday · pythonpoc

https://github.com/born0monday/CVE-2025-8760

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2025-8760, a stack-based buffer overflow vulnerability in INSTAR 2K+/4K cameras (version <= 3.10.0). The exploit leverages ROP chains to achieve remote code execution (RCE) by overflowing a buffer and manipulating the stack to execute arbitrary commands.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: INSTAR 2K+/4K cameras (<= 3.10.0)

No auth needed

Prerequisites: Network access to the target device · Target device running vulnerable firmware

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Permissions Required, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.319863

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.319863

Various Sources related

https://modzero.com/static/MZ-25-03_modzero_INSTAR.pdf

Scores

CVSS v3 9.8

EPSS 0.0070

EPSS Percentile 48.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-119 CWE-120

Status published

Products (2)

INSTAR/2K+ 3.11.1 Build 1124

INSTAR/4K 3.11.1 Build 1124

Published Aug 13, 2025

Tracked Since Feb 18, 2026