CVE-2026-23667

Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally...

CVE-2026-23667 Broadcast DVR Elevation of Privilege Vulnerability

...

CVE-2019-25240 Rifatron 5brid DVR 5brid DVR (HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504) Unauthenticated Live Stream Disclosure via animate.cgi

Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication...

Exploit for Improper Input Validation in Tvt Td-2108Ts-Cl_Firmware

CVE-2025-34036 - TVT DVR Simulation This repository contains...

PT-2025-2743 · Elspec Engineering · Elspec Engineering G5 Digital Fault Recorder Firmware

Name of the Vulnerable Software and Affected Versions: Elspec Engineering G5 Digital Fault Recorder Firmware version 1.2.1.12 Description: The issue is related to an XML External Entity XXE vulnerability, which allows attackers to cause a Denial of Service DoS via a crafted XML payload. This...

VulnCheck KEV: CVE-2024-3721

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be...

VulnCheck KEV: CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be...

VulnCheck KEV: CVE-2015-4464

Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server...

Samsung Web Viewer for Samsung DVR Cross-Site Scripting Vulnerability

Samsung smart Viewer is a TV connectivity software from Samsung. A cross-site scripting vulnerability in Samsung Web Viewer for Samsung DVR allows remote attackers to inject arbitrary web script or HTML using the vulnerability...

Multiple KONGTOP DVR Products Information Disclosure Vulnerability

KONGTOP DVR A303 and so on are different models of network DVR equipment from China KONGTOP KONGTOP Industrial Company. A security vulnerability exists in several KONGTOP DVR products, which originates from a backdoor in the Telnetd file. The vulnerability is caused by a backdoor in the Telnetd...

Generic weak password vulnerability in a DVR camera product

DVR Live, DVR-04, and DVR-08 are camera products made by a manufacturer. A generic weak password vulnerability exists in DVR Live, DVR-04, and DVR-08. An attacker exploiting the vulnerability could log in to the device, constituting a leak of sensitive user information...

AVer Information EH6108H+ hybrid DVR Information Disclosure Vulnerability

The AVer Information EH6108H+ hybrid DVR VU is a hard disk recorder DVR product from Round Show AVer Information. An information disclosure vulnerability exists in the AVer Information EH6108H+ hybrid DVR. An attacker can exploit the vulnerability to obtain sensitive information...

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...