Lucene search
+L

68 matches found

RedhatCVE
RedhatCVE
added 2025/07/18 9:58 p.m.12 views

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS7.9AI score0.01149EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 9:58 p.m.11 views

CVE-2025-34132

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...

9.3CVSS8.3AI score0.01747EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 10:15 p.m.11 views

CVE-2025-34132

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...

9.3CVSS0.01747EPSS
Exploits0References4
NVD
NVD
added 2025/07/16 10:15 p.m.9 views

CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

8.7CVSS0.01077EPSS
Exploits0References3
NVD
NVD
added 2025/07/16 10:15 p.m.5 views

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS0.01149EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 9:26 p.m.25 views

CVE-2025-34132

Summary: CVE-2025-34132 affects LILIN Digital Video Recorder (DVR) devices older than firmware version 2.0b60_20200207. The web service handling NTPUpdate config at /z/zbin/dvr_box does not properly sanitize input in the Server field, allowing a remote attacker to inject and execute arbitrary com...

9.3CVSS7.8AI score0.01747EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/07/16 9:26 p.m.6 views

CVE-2025-34132

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...

9.3CVSS6.1AI score0.01747EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/16 9:26 p.m.3 views

CVE-2025-34132 LILIN DVR Command Injection via NTPUpdate in dvr_box

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...

9.3CVSS7.8AI score0.01747EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/16 9:26 p.m.10 views

CVE-2025-34132 LILIN DVR Command Injection via NTPUpdate in dvr_box

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvrbox fails to properly sanitize input, allowing remote attackers to inject and execute...

9.3CVSS0.01747EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/16 9:26 p.m.5 views

CVE-2025-34130 LILIN DVR Arbitrary File Read via net_html.cgi

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS7.8AI score0.01149EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/07/16 9:26 p.m.7 views

CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS5.8AI score0.01149EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/16 9:26 p.m.11 views

CVE-2025-34130 LILIN DVR Arbitrary File Read via net_html.cgi

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to...

8.7CVSS0.01149EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 9:26 p.m.22 views

CVE-2025-34130

CVE-2025-34130 affects LILIN Digital Video Recorder (DVR) devices up to firmware version 2.0b60_20200207. An unauthenticated arbitrary file read via the endpoint /z/zbin/net_html.cgi allows reading sensitive files such as /zconf/service.xml , enabling further attacks including command injection. ...

8.7CVSS7.3AI score0.01149EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/16 9:26 p.m.3 views

CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

8.7CVSS7.3AI score0.01077EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 9:26 p.m.49 views

CVE-2025-34129

CVE-2025-34129 affects LILIN Digital Video Recorder (DVR) devices prior to firmware 2.0b60_20200207. The root cause is insufficient sanitization of the FTP and NTP Server fields in the service configuration, allowing an attacker with access to the configuration interface to upload a malicious XML...

8.7CVSS7.3AI score0.01077EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/07/16 9:26 p.m.4 views

CVE-2025-34129

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

8.7CVSS5.8AI score0.01077EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/16 9:26 p.m.11 views

CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

8.7CVSS0.01077EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.8 views

LILIN Digital Video Recorder 安全漏洞

LILIN Digital Video Recorder is a video recorder from LILIN Taiwan, China. A security vulnerability exists in LILIN Digital Video Recorder versions prior to 2.0b6020200207, which originates from an arbitrary file read and could lead to the reading of sensitive configuration files...

8.7CVSS6.5AI score0.01149EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29892 · Lilin · Lilin Digital Video Recorder

Name of the Vulnerable Software and Affected Versions: LILIN Digital Video Recorder DVR versions prior to 2.0b60 20200207 Description: An unauthenticated arbitrary file read issue exists in LILIN Digital Video Recorder DVR devices. This allows attackers to read sensitive configuration files, such...

8.7CVSS7AI score0.01149EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.5 views

LILIN Digital Video Recorder 安全漏洞

LILIN Digital Video Recorder is a video recorder from LILIN Taiwan, China. A security vulnerability exists in LILIN Digital Video Recorder versions prior to 2.0b6020200207, which originates from a command injection and may result in the execution of arbitrary commands...

8.7CVSS7.5AI score0.01077EPSS
Exploits0References3
Rows per page
Query Builder