Lucene search
MitreCVELIST:CVE-2018-9995HistoryApr 10, 2018 - 10:00 p.m.
CVE-2018-9995
2018-04-1022:00:00
mitre
www.cve.org
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a “Cookie: uid=admin” header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
References
Related
prion
prion
Authentication flaw
2018-04-10 22:29:00
nuclei
nuclei
TBK DVR4104/DVR4216 Devices - Authentication Bypass
2021-04-07 12:33:31
zdt
zdt
TBK DVR4104 / DVR4216 - Credentials Leak Exploit
2018-05-03 00:00:00
checkpoint_advisories
checkpoint_advisories
TBKvision Firmware Authentication Bypass (CVE-2018-9995)
2020-01-23 00:00:00
attackerkb
attackerkb
CVE-2018-9995
2018-04-10 00:00:00
CVE-2016-20016
2022-10-19 00:00:00
packetstorm
packetstorm
TBK DVR4104 / DVR4216 Credential Disclosure
2018-05-04 00:00:00
kitploit
kitploit
DVR-Exploiter - Bash Script Program Exploit The DVR's Based On CVE-2018-9995
2018-09-24 12:16:00
seebug
seebug
TBK DVR Login Bypass(CVE-2018-9995)
2018-05-02 00:00:00
nvd
nvd
CVE-2018-9995
2018-04-10 22:29:00
openvas
openvas
cve
cve
CVE-2018-9995
2018-04-10 22:29:00
thn
thn
Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices
2023-05-03 07:30:00