Home

Description

An issue in the firmware update mechanism of Nous W3 Smart WiFi Camera v1.33.50.82 allows unauthenticated and physically proximate attackers to escalate privileges to root via supplying a crafted update.tar archive file stored on a FAT32-formatted SD card.

PUBLISHED Reserved 2025-08-17 | Published 2025-10-24 | Updated 2025-10-24 | Assigner mitre

References

nous.com

github.com/...era-privilege-escalation/blob/main/ADVISORY.md

cve.org (CVE-2025-56438)

nvd.nist.gov (CVE-2025-56438)

Download JSON