Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dvr vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2020-11681
Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.
Castel Nextgen Dvr Firmware 1.0.0
6.5
CVSSv3
CVE-2020-11682
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all reque...
Castel Nextgen Dvr Firmware 1.0.0
8.8
CVSSv3
CVE-2020-11679
Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitted by an Administrator. This allows a normal user to escalate their privileges by ...
Castel Nextgen Dvr Firmware 1.0.0
NA
CVE-2014-4880
Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote malicious users to execute arbitrary code via an RTSP PLAY request with a long Authorization header.
Hikvision Dvr Ds-7204 Firmware 2.2.10
1 EDB exploit
NA
CVE-2009-2306
The ARD-9808 DVR card security camera stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a file containing usernames and passwords via a direct request for dvr.ini.
Armassa Ard-9808 Software
Armassa Ard-9808
1 EDB exploit
6.1
CVSSv3
CVE-2018-11689
Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)
Samsung Smartviewer -
Hanwha-security Hrd-1642 Firmware
Hanwha-security Hrd-842 Firmware
Hanwha-security Hrd-442 Firmware
Hanwha-security Hrd-1641 Firmware
Hanwha-security Hrd-841 Firmware
Hanwha-security Hrd-840 Firmware
Hanwha-security Hrd-440 Firmware
Hanwha-security Hrd-443 Firmware
Hanwha-security Srd-1694u Firmware
7.8
CVSSv3
CVE-2022-26259
A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows malicious users to cause a Denial of Service (DoS) via a crafted RSTP request...
Xiongmaitech Nbd80x16s-kl Firmware 4.03.r11.nat.dss.onvifc.20210727
Xiongmaitech Nbd80x09s-kl Firmware 4.03.r11.nat.dss.onvifc.20210727
Xiongmaitech Nbd80x08s-kl Firmware 4.03.r11.nat.dss.onvifc.20210727
Xiongmaitech Nbd80x09ra-kl Firmware 4.03.r11.nat.dss.onvifc.20210727
Xiongmaitech Ahb80x04r-mh Firmware 4.03.r11.nat.dss.onvifc.20210729
Xiongmaitech Ahb80x04r-mh-v2 Firmware 4.03.r11.nat.dss.onvifc.20210729
Xiongmaitech Ahb80x04-r-mh-v3 Firmware 4.03.r11.nat.dss.onvifc.20210729
Xiongmaitech Ahb80n16t-gs Firmware 4.03.r11.7601.nat.onvifc.20211223
Xiongmaitech Ahb80n32f4-lme Firmware 4.03.r11.7601.nat.onvifc.20211228
Xiongmaitech Nbd90s0vt-qw Firmware 4.03.r11.713g.nat.onvifc.2021
NA
CVE-2008-4547
Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote malicious users to execute arbitrary code via a long second argument to the TimeSpanFormat method.
Dvrstation Dvrstation Cms 1.0.1.25
1 EDB exploit
NA
CVE-2009-2305
The ARD-9808 DVR card security camera allows remote malicious users to cause a denial of service via a long URI composed of //.\ (slash slash dot backslash) sequences.
Armassa Ard-9808 Software
Armassa Ard-9808
1 EDB exploit
9.8
CVSSv3
CVE-2015-2909
Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote malicious users to obtain access by leveraging situations in which this warning wa...
Netvu Dv-ip Express Firmware -
Netvu Sd-advanced - Sdhd Firmware -
Netvu Sd-advanced 8\\/12\\/16 Vga Firmware -
Netvu Sd Advanced Closed Iptv \\(m3u\\) Firmware -
Netvu Sd Advanced Non Closed Iptv \\(m3u\\) Firmware -
Netvu Sd Advanced Nvr Firmware -
Netvu Sd 32 \\(m3g\\) Firmware -
Netvu Sd 32 \\(m3h\\) Firmware -
Netvu Sd 4 \\(m3s\\) Firmware -
Netvu Sd 4 \\(m3t\\) Firmware -
Netvu Sd 8\\/12\\/16 No Kbd \\(m3r\\) Firmware -
Netvu Sd 8\\/12\\/16 No Kbd \\(m3s\\) Firmware -
Netvu Sd 8\\/16 Front Panel Kbd \\(m3r\\) Firmware -
Netvu Sd 8\\/16 Front Panel Kbd \\(m3u\\) Firmware -
Netvu Ecosense 4\\/8\\/16 \\(m4t\\) Firmware -
Netvu Ds2 \\(dvtr\\) Firmware -
Netvu Ds2 \\(dvtu\\) Firmware -
Netvu Ds2 \\(dvtx\\) Firmware -
Netvu Ds2 \\(dvtx\\) Netvu Connected Firmware -
Netvu Ds2 \\(m2ip\\) Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »