Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
5DescriptionCVE.org
A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request.
AnalysisAI
Command injection in the Aver PTC320UV2 web management interface allows unauthenticated remote attackers to execute arbitrary system commands via crafted web requests. Version 0.1.0000.65 and potentially earlier versions are affected. The vulnerability has a CVSS score of 6.5 (medium severity) with network attack vector and no authentication required, though scope is unchanged and confidentiality/integrity impact is limited. CISA SSVC assessment indicates automation is possible but current exploitation is unconfirmed.
Technical ContextAI
The Aver PTC320UV2 is a professional pan-tilt-zoom camera with integrated web-based management interface. The vulnerability stems from improper input validation in the web management interface (CWE-77: Improper Neutralization of Special Elements used in a Command), allowing attackers to inject arbitrary shell commands that are executed with the privileges of the web service process. This is a classic OS command injection flaw where user-supplied input from a web request is passed to system command execution functions without adequate sanitization or parameterization.
RemediationAI
Upgrade to a patched firmware version released by Aver. Specific patch version numbers are not provided in available references; contact Aver support or visit https://www.aver.com/Downloads/search?q=PTC320UV2 to obtain the latest firmware. As an interim compensating control, restrict network access to the PTC320UV2 web management interface to trusted administrator IP ranges only using firewall rules or network segmentation - block all non-administrative access on the management interface ports (typically TCP 80/443 or device-specific management ports). Disable remote management access if the device will only be managed locally. Disable HTTP if HTTPS is available and use HTTPS exclusively. Note that these controls reduce but do not eliminate risk - patching remains the primary remediation.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26701