The American cybersecurity agency (CISA) warns of dangerous vulnerability in the LG LNV5110R video cameras. These devices are no longer supported by the manufacturer, but are still used around the world, including at critical infrastructure facilities.
The vulnerability was received by the CVE-2025-7742 identifier and a high danger level (8.3 out of 10). The problem was discovered by the researcher Suvik Kandar. The error allows the hacker to circumvent the authentication check and load the malicious request to the device. This makes it possible to remotely launch any teams with the rights of the administrator, in fact, getting full control over the camera.
LG Innotek knows about vulnerabilities, but it will not correct it, since the LNV5110R cameras have been discontinued and no longer receive updates.
CISA emphasizes that such cameras are installed in different countries and on important facilities, including commercial and infrastructure buildings.
