TVT DVR Sensitive Device - Information Disclosure

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5LMM and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. id: CVE-2024-7339...

CVE-2025-34036

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When th...

PT-2025-26663

Name of the Vulnerable Software and Affected Versions: TVT DVR Cross Web Server affected versions not specified Description: An OS command injection issue exists in the custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in...

TVT DVR 操作系统命令注入漏洞

TVT DVR is a video recorder from China-based Tongwei TVT. TVT DVR suffers from an OS command injection vulnerability, which stems from an un-cleaned language parameter in Cross Web Server that leads to an OS command injection attack...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Provision-Isr Sh-4050A5-5L\(Mm\)_Firmware

CVE-2024-7339: Information Leak Vulnerability in DVR devices...

CVE-2024-7339

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5LMM and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be...

CVE-2024-7339

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5LMM and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be...

CVE-2024-7339 TVT DVR TD-2104TS-CL queryDevInfo information disclosure

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5LMM and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be...

CVE-2024-7339 TVT DVR TD-2104TS-CL queryDevInfo information disclosure

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5LMM and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be...

TVT DVR <= 3.2.0.P-3520A-00 Directory Traversal Vulnerability - Active Check

TVT DVR is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TVT TD-2308SS-B DVR - Directory Traversal Vulnerability

TVT TD-2308SS-B DVR and possibly other models running firmware version 3.2.0.P-3520A-00 contain a directory traversal vulnerability. An attacker can use directory traversal to download critical files such as the config.dat file for the device which contains the credentials for the web interface...

TVT TD-2308SS-B DVR - Directory Traversal

TVT TD-2308SS-B DVR - Directory Traversal Exploit Title: TVT TD-2308SS-B DVR directory traversal Shodan Dork: "Cross Web Server" Date: 01 Dec 2013 Disclosure date: 10 Sep 2013 Exploit Author: Cesar Neira Vendor Homepage: http://en.tvt.net.cn/ Affected Firmware Versions: 3.1.43.B 3.1.43.P...

TVT TD-2308SS-B DVR - Directory Traversal

Exploit Title: TVT TD-2308SS-B DVR directory traversal Shodan Dork: "Cross Web Server" Date: 01 Dec 2013 Disclosure date: 10 Sep 2013 Exploit Author: Cesar Neira Vendor Homepage: http://en.tvt.net.cn/ Affected Firmware Versions: 3.1.43.B 3.1.43.P 3.1.6.P-1.0.2.1-03 3.1.75.B-1.0.2.1-00...

CVE-2013-6023

Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. dot dot in the URI...