CVE-2024-3721

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely...

CVE-2024-3721 TBK DVR-4104/DVR-4216 os command injection

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely...

CVE-2024-3721 TBK DVR-4104/DVR-4216 os command injection

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely...

CVE-2024-3721

CVE-2024-3721 is an OS command injection affecting TBK DVR-4104 and DVR-4216 (firmware up to 20240412). The flaw stems from unsanitized parameters mdb/mdc in HTTP requests to /device.rsp?opt=sys&cmd=S_O_S_T_R_E_A_MAX . Successful exploitation allows unauthenticated remote command execution and ha...

TBK DVR-4104、DVR-4216 操作系统命令注入漏洞

TBK DVR-4104 is a digital video recorder from TBK. An OS command injection vulnerability exists in TBK DVR-4104, DVR-4216 version 20240412 and earlier versions, which stems from the fact that incorrect operation of the parameter mdb/mdc can lead to OS command injection...

PT-2024-27378

Name of the Vulnerable Software and Affected Versions TBK DVR-4104 versions prior to 20240412 TBK DVR-4216 versions prior to 20240412 Description An OS command injection issue exists in TBK DVR devices due to insufficient validation of user-supplied input. Remote, unauthenticated attackers can...