CVE-2024-51347

Published: Mar 25, 2026Modified: Mar 25, 2026

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone (TZ) parameter within the ONVIF configuration interface. The time zone (TZ) parameter does not have its length properly validated before being copied into a fixed-size buffer using the insecure strcpy function.

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (3)

https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2024-51347.md

Source: cve@mitre.org

https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/tree/main

Source: cve@mitre.org

https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2024-51347.md

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.