CVE-2024-41623
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk46th percentile - higher than 46% of all known CVEs
Summary
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload. The vulnerability stems from improper input validation.
Risk Assessment
A local attacker could take control of the camera, potentially compromising the confidentiality of recordings, disrupting surveillance, or using the device as an entry point into the internal network.
Recommendation
Immediately update the camera firmware to the latest available version if a patch has been released. If no update is available, consider isolating the device from the production network and restricting physical access.
Original NVD description (English source)
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload

