Skip to main content

Td 2104ts Cl Firmware

2 CVEs product

Monthly

CVE-2025-34036 CRITICAL POC THREAT Emergency

White-labeled DVRs manufactured by TVT contain an unauthenticated OS command injection in the 'Cross Web Server' HTTP service on ports 81/82. The URI path handling for language extraction fails to sanitize input, enabling remote attackers to execute arbitrary commands on the surveillance DVR.

Command Injection RCE Authentication Bypass Td 2932td Hp Firmware Td 2108ts Cl Firmware +28
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
10.9%
CVE-2024-7339 MEDIUM POC THREAT This Month

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

HP Information Disclosure Sh 4050A5 5L Mm Firmware Avision Av108T Firmware Td 2104ts Cl Firmware +1
NVD VulDB
CVSS 4.0
6.9
EPSS
32.0%
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

White-labeled DVRs manufactured by TVT contain an unauthenticated OS command injection in the 'Cross Web Server' HTTP service on ports 81/82. The URI path handling for language extraction fails to sanitize input, enabling remote attackers to execute arbitrary commands on the surveillance DVR.

Command Injection RCE Authentication Bypass +30
NVD Exploit-DB
EPSS 32% CVSS 6.9
MEDIUM POC THREAT This Month

A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

HP Information Disclosure Sh 4050A5 5L Mm Firmware +3
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy