CVE-2025-25985

LOW

2.6

Description

An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/user_info.ini components.

CVE Details

CVSS v3.1 Score2.6

SeverityLOW

CVSS VectorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Attack VectorPHYSICAL

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published4/18/2025

Last Modified6/25/2025

Sourcenvd

Honeypot Sightings0

Affected Products

macro-video:v380e6_c1macro-video:v380e6_c1_firmware

Weaknesses (CWE)

CWE-256

References

https://github.com/vladko312/Research_v380_IP_camera(cve@mitre.org)

https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25985.md(cve@mitre.org)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.