Privilege Escalation Vulnerability in Alaga Home Security WiFi Camera Summary The Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) is vulnerable to privilege escalation. Other models from the same vendor are likely affected as they appear to share the same firmware. The vendor did not respond to reports of the vulnerability, leaving the devices likely unpatched. Local Privilege Escalation (CVE-2025-63810) Description The Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) is vulnerable to privilege escalation. The script contains several 'hooking' queries that probe the SD card for specific files. If a matching file is found, the script executes it as root early in the boot sequence. Example During boot, the script verifies the presence of on the memory card (where is the model name). If the file exists, it runs with root privileges.