CVE-2025-34055

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed...

CVE-2025-34052

Rejected reason: An unauthenticated endpoint that exposes firmware version, MAC address, and supported codecs is not indicative of a security boundary being crossed, as this metadata is not inherently sensitive and commonly used for legitimate fingerprinting and discovery...

CVE-2025-34051

A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgiquery endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP requests...

CVE-2025-34054

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence wa...

CVE-2025-34053

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints...

CVE-2025-34050

A cross-site request forgery CSRF vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of an authenticated user’s browser session, allow unauthorized changes to the device configuration...

CVE-2025-34050

A cross-site request forgery CSRF vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of an authenticated user’s browser session, allow unauthorized changes to the device configuration...

CVE-2025-34066 AVTECH IP camera, DVR, and NVR Devices Unauthenticated Information Disclosure

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...

CVE-2025-34066 AVTECH IP camera, DVR, and NVR Devices Unauthenticated Information Disclosure

An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle MITM attacks...

CVE-2025-34066

CVE-2025-34066 affects AVTECH IP cameras, DVRs, and NVRs. The root cause is improper certificate validation caused by using wget with --no-check-certificate in scripts such as SyncCloudAccount.sh and SyncPermit.sh, exposing HTTPS communications to MITM attacks. Affected products are AVTECH device...

CVE-2025-34065 AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls...

CVE-2025-34065 AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls...

CVE-2025-34065

The CVE-2025-34065 vulnerability affects AVTECH IP cameras, DVRs, and NVRs (streamd web server). The issue is an authentication bypass where the strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls. Affected systems are AVTECH de...

CVE-2025-34056

CVE-2025-34056 affects AVTECH IP camera, DVR, and NVR devices. The vulnerability is an OS command injection in the PwdGrp.cgi endpoint that manages users/groups. Authenticated users can pass input via the pwd or grp parameters, which are embedded into system commands without proper sanitization, ...

CVE-2025-34056 AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without...

CVE-2025-34056 AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without...

CVE-2025-34055 AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed...

CVE-2025-34055 AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed...

CVE-2025-34055

The CVE-2025-34055 issue affects AVTECH AVTECH IP cameras, DVRs, and NVRs exposing the adcommand.cgi endpoint that talks to the ActionD daemon. Authenticated users can call DoShellCmd and pass arbitrary input via strCmd; this input is executed by the system shell without sanitation, allowing comm...

CVE-2025-34054 AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence wa...