CVE Vulnerabilities

CVE-2025-7742

Authentication Bypass Using an Alternate Path or Channel

Published: Jul 25, 2025 | Modified: Jul 25, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the devices non-volatile storage. This action may result in remote code execution that allows an attacker to run arbitrary commands on the target device at the administrator privilege level.

Weakness

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

Potential Mitigations

References