AVer PTC cameras
Summary
AVer PTC cameras, specifically models PTC500S, PTC115, PTC500+, and PTC115+, are affected by CVE-2026-40624. Successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code via a specially crafted web request.
IFF Assessment
This vulnerability allows for arbitrary code execution, posing a significant risk to the confidentiality, integrity, and availability of affected systems.
Severity
The CVSS score of 9.8 indicates a critical severity, reflecting the potential for remote, unauthenticated arbitrary code execution with high impact across attack vector, complexity, privileges, user interaction, and scope, confidentiality, integrity, and availability.
Defender Context
This critical vulnerability in AVer PTC cameras, which are used in government, commercial, and healthcare sectors, allows for remote code execution. Defenders should prioritize patching or mitigating this vulnerability on affected devices immediately to prevent potential compromise.