Skip to main content

Td 2716tc Hc Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-34036 CRITICAL POC THREAT Emergency

White-labeled DVRs manufactured by TVT contain an unauthenticated OS command injection in the 'Cross Web Server' HTTP service on ports 81/82. The URI path handling for language extraction fails to sanitize input, enabling remote attackers to execute arbitrary commands on the surveillance DVR.

Authentication Bypass RCE Command Injection Td 2004ts Cl C Firmware Td 2004ts Cl Firmware +28
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
10.9%
CVE-2025-34036
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

White-labeled DVRs manufactured by TVT contain an unauthenticated OS command injection in the 'Cross Web Server' HTTP service on ports 81/82. The URI path handling for language extraction fails to sanitize input, enabling remote attackers to execute arbitrary commands on the surveillance DVR.

Authentication Bypass RCE Command Injection +30
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy