Lucene search

[email protected]NVD:CVE-2016-20016

HistoryOct 19, 2022 - 5:15 a.m.

CVE-2016-20016

2022-10-1905:15:08

[email protected]

web.nvd.nist.gov

mvpower cctv dvr

web shell

remote code execution

cve-2016-20016

jaws webserver rce

firmware vulnerability

2017-2022 exploit

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.121 Low

EPSS

Percentile

95.4%

JSON

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the “JAWS webserver RCE” because of the easily identifying HTTP response server field. Other firmware versions, at least from 2014 through 2019, can be affected. This was exploited in the wild in 2017 through 2022.

Affected configurations

NVD

Node

mvpowertv-7104he_firmwareMatch1.8.4_115215b9

AND

mvpowertv-7104heMatch-

Node

mvpowertv7108he_firmwareMatch-

AND

mvpowertv7108heMatch-

References

blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/

www.exploit-db.com/exploits/41471

www.pentestpartners.com/security-blog/pwning-cctv-cameras/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.121 Low

EPSS

Percentile

95.4%

JSON

Related for NVD:CVE-2016-20016

prion1 cvelist1 cve1 thn1 attackerkb1