CVE-2025-56438

Medium CVSS: 6.8

An issue in the firmware update mechanism of Nous W3 Smart WiFi Camera v1.33.50.82 allows unauthenticated and physically proximate attackers to escalate privileges to root via supplying a crafted update.tar archive file stored on a FAT32-formatted SD card.

Vendor

Product

CWE

CWE-345

Yayın Tarihi

2025-10-24 15:15:39

Güncelleme

2025-10-27 13:20:15

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-345 MEDIUM 2025

Referanslar

http://nous.com https://github.com/MMarble21/Smart-camera-privilege-escalation/blob/main/ADVISORY.md