Improper Certificate Validation in Lorex 2K Indoor Wi-Fi Security Cameras
CVE-2026-15683
7.5HIGH
What is CVE-2026-15683?
The Lorex 2K Indoor Wi-Fi Security Camera is susceptible to an improper certificate validation vulnerability within its device management functionality. This flaw allows network-adjacent attackers to execute arbitrary code without requiring user interaction. By exploiting the lack of proper validation of the certificate provided by the server, an attacker could take control of the device and execute malicious code in the context of root, potentially leading to significant security breaches. This makes it critical for users to be aware of this vulnerability and take necessary precautions.
Affected Version(s)
2K Indoor Wi-Fi Security Camera 2.800.020000000.3.R.20220331
