1. Home
  2. CVE Database
  3. CVE-2025-25680
HIGH · 7.7

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution throu...

Vulnerability Description

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
LscPtz Dual Band Camera Firmware7.6.32
LscPtz Dual Band Camera-

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2025-25680?

CVE-2025-25680 is a vulnerability with a CVSS score of 7.7 (HIGH). LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution throu...

How severe is CVE-2025-25680?

CVE-2025-25680 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-25680?

Check the references section above for vendor advisories and patch information. Affected products include: Lsc Ptz Dual Band Camera Firmware, Lsc Ptz Dual Band Camera.