CVE-2025-6532 – NOYAFA/Xiami LF9 Pro RTSP Live Video Stream Endpoint Improper Access Control Vulnerability

June 23, 2025

CVE ID : CVE-2025-6532

Published : June 24, 2025, 12:15 a.m. | 1 hour, 46 minutes ago

Description : A vulnerability classified as problematic was found in NOYAFA/Xiami LF9 Pro up to 20250611. Affected by this vulnerability is an unknown functionality of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6533 – “Xxyopen Novel-Plus CATCHA Handler Authentication Bypass”

Next Article CVE-2025-6531 – SIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint Improper Access Controls Vulnerability

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-6532 – NOYAFA/Xiami LF9 Pro RTSP Live Video Stream Endpoint Improper Access Control Vulnerability

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

CVE-2025-5779 – “Code-projects Patient Record Management System SQL Injection Vulnerability”

OpenAI Releases a Practical Guide to Building LLM Agents for Real-World Applications

Mortal Shell 2 was Summer Game Fest’s first banger announcement, and the Soulslike sequel is getting a beta before release

Google is intentionally throttling YouTube videos, slowing down users with ad blockers

Microsoft adds RFT & SFT support in Azure AI Foundry for smarter model fine-tuning

CVE-2025-46433 – JetBrains TeamCity Path Traversal Vulnerability

CVE-2022-26304 – Apache HTTP Server Denial of Service

Perficient Wins EX Impact Award for Diversity, Equity, Inclusion, and Belonging

CVE-2025-6532 – NOYAFA/Xiami LF9 Pro RTSP Live Video Stream Endpoint Improper Access Control Vulnerability

Related Posts