CRITICAL🇵🇱 Wersja polska

CVE-2023-50488

CVSS 9.8v3.1pub. 2024-02-02upd. 2025-06-17

An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute arbitrary code.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-94 (code injection) allows an attacker to inject and execute arbitrary code on the vulnerable device. The attack can be conducted remotely over the network without requiring privileges or user interaction. Publicly available PoC (proof-of-concept) code confirms the feasibility of practical exploitation of the vulnerability.

Impact

An attacker can take full control of the device, gaining access to the camera's video and audio streams, and potentially using it as an entry point to the local network. Loss of confidentiality, integrity, and availability of the system is possible.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. Until an update is applied, it is recommended to isolate the device from the public network and restrict access to it only from trusted local network segments.

Who is affected

Blurams Lumi Security Camera A31C with firmware version v23.0406.435.4120

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Blurams Lumi Security Camera A31c

    HW
    Blurams
    wszystkie wersje
  • Blurams Lumi Security Camera A31c Firmware

    OS
    Blurams
    23.0406.435.412
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-51820MEDIUM6.8ten sam produkt

An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate attackers to exec...

CVE-2025-65396MEDIUM6.1ten sam vendor

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physi...

CVE-2025-65397MEDIUM6.8ten sam vendor

An insecure authentication mechanism in the safe_exec.sh startup script of Blurams Flare Camera version 24.111...

CVE-2025-63674MEDIUM6.8ten sam vendor

An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute a...