EUVD-2025-19631CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
Lifecycle Timeline
4Description
A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP requests from the DVR to internal or external systems, potentially exposing sensitive data or interacting with internal services.
Analysis
A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP requests from the DVR to internal or external systems, potentially exposing sensitive data or interacting with internal services.
Technical Context
Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls. This vulnerability is classified as Information Exposure (CWE-200).
Remediation
Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today