KGUARD DVR 未授权命令执行漏洞

...

Unauthorized Access Vulnerability in KGuard DVRs

KGuard has been actively creating an integrated platform for smart grid surveillance and has been carefully managing its own brand, KGuard, for many years, and its main products include the Home Security ComboKit, a DIY kit for digital surveillance video recorders. An unauthorized access...

New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called "miraiptea" that leverages an undisclosed vulnerability in digital video recorders DVR provided by KGUARD to propagate and carry out distributed denial-of-service DDoS attacks. Chinese security firm...

Authentication flaw

Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server...

CVE-2015-4464

The CVE-2015-4464 entry describes a vulnerability in Kguard Digital Video Recorder models 104/108/v2 where there is no authorization or authentication between the ActiveX client and the application server. The issue enables a remote attacker to bypass authentication/authorization via network acce...