Lucene search
K

47 matches found

The Hacker News
The Hacker News
added 2026/04/18 6:1 a.m.8 views

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors are exploiting security flaws in TBK DVR and end‑of‑life EoL TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to explo...

8.8CVSS7.7AI score0.99999EPSS
Exploits13
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.3 views

Merit LILIN DVR Series和Merit LILIN NVR Series 操作系统命令注入漏洞

The Merit LILIN DVR Series and Merit LILIN NVR Series are both products of Merit LILIN Corporation of Taiwan, China.The Merit LILIN DVR Series is a series of digital video recorders.The Merit LILIN NVR Series is a series of network video recorders. The Merit LILIN DVR Series and Merit LILIN NVR...

8.8CVSS7.8AI score0.01025EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.14 views

CVE-2022-35733

Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier allows a remote unauthenticated attacker to execute an arbitrary OS...

9.8CVSS8AI score0.01249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.5 views

CVE-2024-41929

Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.8CVSS7.4AI score0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/20 7:11 a.m.7 views

CVE-2025-66173

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...

6.2CVSS6.9AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2025/12/19 7:16 a.m.4 views

CVE-2025-66174

There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands...

6.8CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-3546

Malware in sbrugna...

10CVSS6.1AI score0.10298EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-38607

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01249EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/08/20 4:19 a.m.4 views

DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service DDoS-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice D...

7.6AI score
Exploits0
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.4 views

AVTECH IP camera、AVTECH DVR和AVTECH NVR 安全漏洞

AVTECH IP camera and others are products of AVTECH Corporation, USA.AVTECH IP camera is a series of network security cameras.AVTECH DVR is a digital video recording host.AVTECH NVR is a network video recorder. A security vulnerability exists in AVTECH IP camera, AVTECH DVR and AVTECH NVR that...

6.9CVSS6.7AI score0.00538EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 10:34 a.m.8 views

CVE-2024-47001

Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.8CVSS7.2AI score0.00659EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.8 views

Dahua Security Digital Video Recorders Credentials Management Errors (CVE-2013-3612)

Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified backdoor account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors. This plugin on...

10CVSS5.5AI score0.10298EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.4 views

Dahua Security Digital Video Recorders Permissions, Privileges, and Access Controls (CVE-2013-5754)

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...

10CVSS5.5AI score0.10298EPSS
Exploits4References2
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.3 views

Neye3C 安全漏洞

Neye3C is an application from Neye3C that connects to cloud cameras and DVRs by logging into the cloud. A security vulnerability exists in Neye3C version v4.5.2.0 that stems from the inclusion of hard-coded encryption keys in the firmware update mechanism...

9.8CVSS6.8AI score0.00295EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.4 views

Neye3C 安全漏洞

Neye3C is an application from Neye3C that connects to cloud cameras and DVRs by logging into the cloud. A security vulnerability exists in Neye3C version v4.5.2.0, which stems from incorrect access control during firmware updates and downloads, and allows an attacker to gain access to sensitive...

9.8CVSS6.9AI score0.00476EPSS
Exploits0References3
NVD
NVD
added 2024/09/18 7:15 a.m.9 views

CVE-2024-47001

Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.8CVSS0.00659EPSS
Exploits0References2
NVD
NVD
added 2024/09/18 7:15 a.m.19 views

CVE-2024-43778

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.8CVSS0.00999EPSS
Exploits0References2
NVD
NVD
added 2024/09/18 7:15 a.m.8 views

CVE-2024-41929

Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.8CVSS0.00513EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/18 6:14 a.m.10 views

CVE-2024-43778

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

8.7AI score0.00999EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/18 6:14 a.m.14 views

CVE-2024-43778

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

0.00999EPSS
Exploits0References2
Rows per page
Query Builder