Dvr Firmware
Monthly
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.7%.
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%.
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.7%.
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and earlier allows remote attackers to read arbitrary files via .. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.1%.