Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dvr vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-3828
The web interface for Everfocus EDR1600 DVR allows remote malicious users to bypass authentication and access live cams via certain vectors.
Everfocus Edr1600
1 EDB exploit
9.3
CVSSv2
CVE-2011-0042
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not prope...
Microsoft Windows Xp
Microsoft Windows 7 -
Microsoft Windows Vista
Microsoft Windows Xp Media Center 2005
Microsoft Windows Media Center Tv Pack
Microsoft Windows Vista
5
CVSSv2
CVE-2018-10734
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances.
Kongtop D303 Firmware -
Kongtop D305 Firmware -
Kongtop D403 Firmware -
Kongtop A303 Firmware -
Kongtop A403 Firmware -
NA
CVE-2021-44954
In QVIS NVR DVR prior to 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration.
Qvis Dvr Firmware
Qvis Nvr Firmware
10
CVSSv2
CVE-2021-42071
In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.
Visual-tools Dvr Vx16 Firmware 4.2.28.0
10
CVSSv2
CVE-2020-3923
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. Attackers can crack the default password and gain access to the system.
Tonnet Tat-77104g1 Firmware
Tonnet Tat-70432n Firmware
Tonnet Tat-71416g1 Firmware
Tonnet Tat-71832g1 Firmware
Tonnet Tat-76104g3 Firmware
Tonnet Tat-76108g3 Firmware
Tonnet Tat-76116g3 Firmware
Tonnet Tat-76132g3 Firmware
NA
CVE-2022-47618
Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.
Meritlilin Ah55b08 Firmware -
Meritlilin Ah55b04 Firmware -
5
CVSSv2
CVE-2018-10676
CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote malicious users to download a file and obtain sensitive credential information via a direct request for the download.rsp URI.
Tbkvision Tbk-dvr4216 Firmware -
Tbkvision Tbk-dvr4104 Firmware -
2 Github repositories
9.3
CVSSv2
CVE-2009-1092
Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote malicious users to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
Geovision Liveaudio Activex Control 7.0
1 EDB exploit
10
CVSSv2
CVE-2020-3924
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.
Tonnet Tat-77104g1 Firmware
Tonnet Tat-70432n Firmware
Tonnet Tat-71416g1 Firmware
Tonnet Tat-71832g1 Firmware
Tonnet Tat-76104g3 Firmware
Tonnet Tat-76108g3 Firmware
Tonnet Tat-76116g3 Firmware
Tonnet Tat-76132g3 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »