9 matches found
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency CISA added a security flaw impacting Digiever DS-2105 Pro network video recorders NVRs to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 CVSS score: 8.8...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-52163link is external Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...
CVE-2023-52163
Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-52163
creationtimestamp| type| source ---|---|--- 2025-02-03 21:15:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113942024359778828 2025-02-03 21:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhchm4cfrx2j 2025-02-03 22:08:27+00:00| seen|...
CVE-2023-52163
Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-52163
Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-52163
Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-52163
Digiever DS-2105 Pro 3.1.0.71-11 contains a command injection vulnerability in time_tzsetup.cgi. The Nuclei template attributes the issue to unsanitized input in time_tzsetup.cgi, allowing an attacker to execute arbitrary commands remotely. Reported impact is remote code execution with high sever...
VulnCheck KEV: CVE-2023-52163
Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via timetzsetup.cgi...