Macro-video V380E6_C1 IP Camera, Arbitrary Code Execution, CVE-2025-25985 (Critical)

By /

Listen to this Post

How CVE-2025-25985 Works

The vulnerability exists in Macro-video Technologies’ V380E6_C1 IP camera firmware version 1020302. A physically proximate attacker can exploit improper access control in the `/mnt/mtd/mvconf/wifi.ini` and `/mnt/mtd/mvconf/user_info.ini` configuration files. By injecting malicious code into these writable INI files, an attacker can achieve arbitrary code execution with root privileges. The camera fails to sanitize input or enforce proper file permissions, allowing the injected payload to be executed during system initialization or configuration reload.

DailyCVE Form

Platform: Macro-video V380E6_C1
Version: 1020302
Vulnerability: Arbitrary code execution
Severity: Critical
Date: 06/25/2025

Prediction: Patch expected 08/2025

What Undercode Say

strings /mnt/mtd/mvconf/wifi.ini | grep exec
chmod 777 /mnt/mtd/mvconf/user_info.ini
curl -X POST --data-binary @payload.ini http://<IP>/cgi-bin/update_config.cgi

How Exploit

1. Physical access to device

2. Modify wifi.ini/user_info.ini

3. Insert malicious commands

4. Trigger config reload

Protection from this CVE

1. Firmware update

2. File permission hardening

3. Input validation

Impact

Full device compromise

Unauthorized access

Persistence establishment

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Scroll to Top