Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:55 a.m.13 views

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

9.8CVSS8.1AI score0.86289EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2023/05/03 7:30 a.m.62 views

Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices

Threat actors are actively exploiting an unpatched five-year-old flaw impacting TBK digital video recording DVR devices, according to an advisory issued by Fortinet FortiGuard Labs. The vulnerability in question is CVE-2018-9995 CVSS score: 9.8, a critical authentication bypass issue that could b...

9.8CVSS8.3AI score0.86289EPSS
Exploits14
NVD
NVD
added 2022/10/19 5:15 a.m.25 views

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

9.8CVSS0.86289EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.9 views

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

8.1AI score0.86289EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/10/19 12:0 a.m.36 views

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

9.8AI score0.86289EPSS
Exploits1References3
CVE
CVE
added 2022/10/19 12:0 a.m.331 views

CVE-2016-20016

CVE-2016-20016 affects MVPower CCTV DVR models (e.g., TV-7104HE 1.8.4 115215B9 and TV7108HE). The flaw is a web shell accessible via a /shell URI that lets a remote unauthenticated attacker execute arbitrary OS commands as root. Public sources (NVD, Red Hat advisories, CVE lists) confirm the vuln...

9.8CVSS9.7AI score0.86289EPSS
In wildExploits1References3Affected Software1
Circl
Circl
added 2018/05/29 3:50 p.m.19 views

CVE-2016-20016

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/mvpowerdvrshellexec.rb 2022-10-19 12:14:58+00:00| exploited| https://t.me/cibsecurity/51744 2023-05-03 13:03:44+00:00| exploited|...

9.8CVSS7.5AI score0.86289EPSS
Exploits1References8
Rows per page
Query Builder