Digiever DS-2105 Pro - Command Injection

Digiever DS-2105 Pro 3.1.0.71-11 contains a command injection caused by unsanitized input in timetzsetup.cgi, letting attackers execute arbitrary commands remotely, exploit requires no authentication. id: CVE-2023-52163 info: name: Digiever DS-2105 Pro - Command Injection author: rajesh-social-te...

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency CISA added a security flaw impacting Digiever DS-2105 Pro network video recorders NVRs to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 CVSS score: 8.8...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-52163link is external Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

Digiever DS-2105 Pro Missing Authorization Vulnerability

Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via timetzsetup.cgi...

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit shotgun" approach, has singled out a wide range of internet-exposed infrastructure, including...

EUVD-2025-29039

Malicious code in bioql PyPI...

EUVD-2025-29031

Malicious code in bioql PyPI...

CVE-2025-10265

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVE-2025-10264

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras...

CVE-2025-10265

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVE-2025-10265 Digiever｜NVR - OS Command Injection

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVE-2025-10265 Digiever｜NVR - OS Command Injection

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

CVE-2025-10265

Digiever Digiever NVR devices are affected by CVE-2025-10265, an OS command injection vulnerability in the NVR OS that enables authenticated remote attackers to inject and execute arbitrary commands. The issue is described as affecting certain NVR models, with network access required and low priv...

CVE-2025-10264

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras...

CVE-2025-10264 Digiever｜NVR - Exposure of Sensitive Information

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras...

CVE-2025-10264

CVE-2025-10264 — Digiever NVR exposure of sensitive information . Multiple connected sources confirm that certain Digiever NVR models are vulnerable to an exposure of sensitive information, allowing unauthenticated remote attackers to access the system configuration file and obtain plaintext cred...

CVE-2025-10264 Digiever｜NVR - Exposure of Sensitive Information

Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras...

PT-2025-37300

Name of the Vulnerable Software and Affected Versions: Digiever NVR affected versions not specified Description: Certain models of NVR developed by Digiever have an OS Command Injection vulnerability. This allows remote attackers to inject arbitrary OS commands and execute them on the device. Som...

Digiever NVR 操作系统命令注入漏洞

The Digiever NVR is a camera centralized management, video storage and surveillance device from Digiever Corporation of Taiwan, China. The Digiever NVR suffers from an operating system command injection vulnerability that originates from an unauthenticated remote attacker who can inject arbitrary...

PT-2025-37299

Name of the Vulnerable Software and Affected Versions: Digiever NVR affected versions not specified Description: Digiever NVR devices are susceptible to a sensitive information exposure issue. Unauthenticated remote attackers can access the system configuration file and obtain plaintext credentia...