In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
visual-tools dvr_vx16_firmware 4.2.28.0 |