cvedb.io
CVE-2025-25680
HIGH · CVSS 7.7
EPSS exploitation probability: 0%
Published 2025-03-11T16:15:17.413 · Last modified 2026-06-17T09:01:01.220

Summary

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera.

Affected products

lsc — ptz_dual_band_camera_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when lsc ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.