CVE-2024-0778

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to...

Command injection

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to...

CVE-2024-0778 Uniview ISC 2500-S VM.php setNatConfig os command injection

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to...

Zhejiang uniview technologies security(DVR/NVR)and other monitoring equipment command execution

In file /Interface/DevManage/VM.php in: code area .............. Code omitted.................... // Set the DNS to resolve the server address case 'setDNSServer' : shellexec'echo "nameserver '. 'DNSServerAdrr'.'"'.' /etc/resolv. conf'; 'Code' = 0; getTip; echo jsonencode; break; default :...