47 matches found
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life EoL TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to explo...
Merit LILIN DVR Series和Merit LILIN NVR Series 操作系统命令注入漏洞
The Merit LILIN DVR Series and Merit LILIN NVR Series are both products of Merit LILIN Corporation of Taiwan, China.The Merit LILIN DVR Series is a series of digital video recorders.The Merit LILIN NVR Series is a series of network video recorders. The Merit LILIN DVR Series and Merit LILIN NVR...
CVE-2022-35733
Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier allows a remote unauthenticated attacker to execute an arbitrary OS...
CVE-2024-41929
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2025-66173
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted...
CVE-2025-66174
There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands...
EUVD-2013-3546
Malware in sbrugna...
EUVD-2022-38607
Malicious code in bioql PyPI...
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks
A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service DDoS-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice D...
AVTECH IP camera、AVTECH DVR和AVTECH NVR 安全漏洞
AVTECH IP camera and others are products of AVTECH Corporation, USA.AVTECH IP camera is a series of network security cameras.AVTECH DVR is a digital video recording host.AVTECH NVR is a network video recorder. A security vulnerability exists in AVTECH IP camera, AVTECH DVR and AVTECH NVR that...
CVE-2024-47001
Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
Dahua Security Digital Video Recorders Credentials Management Errors (CVE-2013-3612)
Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified backdoor account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors. This plugin on...
Dahua Security Digital Video Recorders Permissions, Privileges, and Access Controls (CVE-2013-5754)
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...
Neye3C 安全漏洞
Neye3C is an application from Neye3C that connects to cloud cameras and DVRs by logging into the cloud. A security vulnerability exists in Neye3C version v4.5.2.0 that stems from the inclusion of hard-coded encryption keys in the firmware update mechanism...
Neye3C 安全漏洞
Neye3C is an application from Neye3C that connects to cloud cameras and DVRs by logging into the cloud. A security vulnerability exists in Neye3C version v4.5.2.0, which stems from incorrect access control during firmware updates and downloads, and allows an attacker to gain access to sensitive...
CVE-2024-47001
Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2024-43778
OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2024-41929
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2024-43778
OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...
CVE-2024-43778
OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...