Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for IP camera, DVR, and NVR devices by AVTECH

    CVE-2025-34065 (GCVE-0-2025-34065)

    Vulnerability from nvd – Published: 2025-07-01 14:47 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path
    Summary
    An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1000-1000-1000-1000
    Affected: 1000C-1000C-1000C-1000C
    Affected: 1001-1000-1000-1000
    Affected: 1001-1001-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1002-1000-1002
    Affected: 1002D-1000D-1000D-1000D
    Affected: 1003-1000-1000-1001
    Affected: 1003-1001-1001-1000
    Affected: 1003-1002-1001-1000
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1002-1000-1001
    Affected: 1004-1003-1001-1002
    Affected: 1004-1003-1002-1001
    Affected: 1004A-1001A-1002A-1000A
    Affected: 1005-1002-1001-1002
    Affected: 1005-1003-1001-1002
    Affected: 1005-1004-1002-1001
    Affected: 1005A-1001A-1002A-1001A
    Affected: 1005D-1001D-1002D-1001D
    Affected: 1006-1002-1001-1002
    Affected: 1006-1003-1001-1001
    Affected: 1006-1004-1003-1001
    Affected: 1007-1001-1003-1001
    Affected: 1007-1001-1004-1003
    Affected: 1007-1002-1001-1000
    Affected: 1007-1002-1001-1003
    Affected: 1007-1002-1003-1002
    Affected: 1007-1004-1003-1001
    Affected: 1008-1001-1003-1002
    Affected: 1008-1004-1004-1001
    Affected: 1008D-1003D-1004D-1002D
    Affected: 1008J-1004J-1004J-1001J
    Affected: 1009-1001-1004-1001
    Affected: 1009-1002-1005-1003
    Affected: 1009-1003-1001-1003
    Affected: 1009-1003-1005-1002
    Affected: 1010-1001-1004-1001
    Affected: 1010-1001-1004-1002
    Affected: 1010-1003-1005-1002
    Affected: 1010-1003-1006-1003
    Affected: 1010-1003-1006-1004
    Affected: 1010-1004-1007-1001
    Affected: 1010J-1001J-1004J-1001J
    Affected: 1010N-1003N-1005N-1002N
    Affected: 1011-1001-1002A-1002
    Affected: 1011-1001-1002D-1002
    Affected: 1011-1001-1003-1002
    Affected: 1011-1001-1004-1002
    Affected: 1011-1001-1005-1002
    Affected: 1011-1004-1005-1002
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34065",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:35:32.244766Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:36:04.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Search.cgi",
                "username parameter",
                "queryb64str"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1000-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1000C-1000C-1000C-1000C"
                },
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1001-1001-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1002-1000-1002"
                },
                {
                  "status": "affected",
                  "version": "1002D-1000D-1000D-1000D"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1002-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1004A-1001A-1002A-1000A"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1004-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1005A-1001A-1002A-1001A"
                },
                {
                  "status": "affected",
                  "version": "1005D-1001D-1002D-1001D"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1003-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1006-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1004-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1007-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1008D-1003D-1004D-1002D"
                },
                {
                  "status": "affected",
                  "version": "1008J-1004J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1002-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1004"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010J-1001J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1010N-1003N-1005N-1002N"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002A-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002D-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1004-1005-1002"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
                }
              ],
              "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:18.570Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34065",
        "datePublished": "2025-07-01T14:47:23.621Z",
        "dateReserved": "2025-04-15T19:15:22.549Z",
        "dateUpdated": "2026-04-07T14:09:18.570Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34056 (GCVE-0-2025-34056)

    Vulnerability from nvd – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution
    Summary
    An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34056",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:34:24.733333Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:34:41.482Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "PwdGrp.cgi user/group configuration handler",
                "pwd parameter",
                "grp parameter"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the \u003ccode\u003ePwdGrp.cgi\u003c/code\u003e endpoint, which handles user and group management operations. Authenticated users can supply input through the \u003ccode\u003epwd\u003c/code\u003e or \u003ccode\u003egrp\u003c/code\u003e parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges."
                }
              ],
              "value": "An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:17.710Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34056",
        "datePublished": "2025-07-01T14:46:52.800Z",
        "dateReserved": "2025-04-15T19:15:22.549Z",
        "dateUpdated": "2026-04-07T14:09:17.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34055 (GCVE-0-2025-34055)

    Vulnerability from nvd – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution
    Summary
    An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1001-1000-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1001-1001-1001
    Affected: 1003-1000-1001-1000
    Affected: 1003-1001-1001-1000
    Affected: 1003-1001-1001-1001
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1001-1002-1000
    Affected: 1004-1002-1001-1000
    Affected: 1004V-1002V-1003V-1001V
    Affected: 1004Y-1002Y-1001EJ-1000Y
    Affected: 1005-1001-1002-1000
    Affected: 1005-1002-1001-1002
    Affected: 1005-1002-1002-1000
    Affected: 1005-1002-1004-1001
    Affected: 1006-1001-1003-1000
    Affected: 1006-1001-1003-1003
    Affected: 1006-1002-1001-1002
    Affected: 1006-1002-1003-1000
    Affected: 1006R-1002R-1001R-1002R
    Affected: 1007-1001-1003-1000
    Affected: 1007-1001-1003-1003
    Affected: 1007-1002-1004-1000
    Affected: 1007-1003-1005-1001
    Affected: 1007E-1003E-1005EJ-1001E
    Affected: 1007V-1003V-1005V-1001V
    Affected: 1008-1001-1001-1001
    Affected: 1008-1002-1002-1003
    Affected: 1008-1002-1005-1000
    Affected: 1008-1003-1005-1003
    Affected: 1008-1004-1003-1002
    Affected: 1009-1001-1002-1001
    Affected: 1009-1001-1004-1000
    Affected: 1009-1003-1006-1001
    Affected: 1009-1004-1005-1006
    Affected: 1009-1004-1006-1003
    Affected: 1009Y-1003Y-1006Y-1001Y
    Affected: 1010-1001-1003-1001
    Affected: 1010-1001-1004-1005
    Affected: 1010-1002-1005-1000
    Affected: 1010-1004-1007-1001
    Affected: 1010-1005-1005-1002
    Affected: 1011-1002-1004-1001
    Affected: 1011-1002-1006-1000
    Affected: 1011-1005-1007EJ-1001
    Affected: 1011-1005-1008-1002
    Affected: 1012-1002-1004-1001
    Affected: 1012-1002-1006-1005
    Affected: 1012-1002-1007-1004
    Affected: 1012-1003-1001-1005
    Affected: 1012-1003-1005-1005
    Affected: 1012-1004-1008-1008
    Affected: 1012-1008-1009-1000-FFFF
    Affected: 1013-1002-1006-1005
    Affected: 1013-1003-1005-1001
    Affected: 1013-1004-1008-1003
    Affected: 1013-1004-1008-1008
    Affected: 1014-1002-1007-1004
    Affected: 1014-1003-1006-1001
    Affected: 1014-1003-1006PL-1001
    Affected: 1014-1003-1007-1001
    Affected: 1014-1004-1008-1008
    Affected: 1014-1005-1009-1002
    Affected: 1014-1007-1009-1001
    Affected: 1014L-1002L-1006L-1005L
    Affected: 1015-1006-1004-1002
    Affected: 1015-1006-1005-1002
    Affected: 1015-1006-1008-1002
    Affected: 1015-1006-1008-1007
    Affected: 1015-1006-1010-1003
    Affected: 1015-1007-1007-1007
    Affected: 1015K-1006K-1008PO-1002K
    Affected: 1015Y-1007Y-1010Y-1001Y
    Affected: 1016-1003-1007-1001
    Affected: 1016-1004-1009-1009
    Affected: 1016-1006-1008-1007
    Affected: 1016-1007-1005-1001
    Affected: 1016-1007-1009-1003
    Affected: 1016-1007-1011-1001
    Affected: 1016-1007-1011-1003
    Affected: 1016-1008-1007-1007
    Affected: 1016Y-1007Y-1011Y-1001Y
    Affected: 1017-1002-1008-1005
    Affected: 1017-1003-1007-1002
    Affected: 1017-1003-1008-1006
    Affected: 1017-1008-1012-1002
    Affected: 1017-1011-1013-1001-FFFF
    Affected: 1017k-1003k-1008k-1006k
    Affected: 1017Y-1008Y-1012Y-1002Y
    Affected: 1018-1003-1005-1004
    Affected: 1018-1003-1007-1002
    Affected: 1018-1003-1008-1003
    Affected: 1018-1003-1008-1004
    Affected: 1018-1003-1008PO-1003
    Affected: 1018-1006-1009-1007
    Affected: 1018-1007-1009-1003
    Affected: 1018-1008-1012-1004
    Affected: 1019-1003-1007-1002
    Affected: 1019-1003-1008-1001
    Affected: 1019-1004-1009-1007
    Affected: 1019-1007-1009-1003
    Affected: 1019-1009-1013-1003
    Affected: 1019-1010-1009-1009
    Affected: 1019c-1012c-1014c-1001c-FFFF
    Affected: 1020-1003-1008-1003
    Affected: 1020-1003-1008-1004
    Affected: 1020-1003-1010-1006
    Affected: 1020-1004-1009-1007
    Affected: 1020-1005-1011-1010
    Affected: 1020-1005-1012-1007
    Affected: 1020-1007-1008-1003
    Affected: 1020-1007-1009-1003
    Affected: 1021-1003-1008-1003
    Affected: 1021-1003-1008-1004
    Affected: 1021-1005-1011-1010
    Affected: 1021-1007-1010-1003
    Affected: 1021L-1003L-1010L-1006L
    Affected: 1021r-1004r-1009r-1007r
    Affected: 1022-1003-1008-1002
    Affected: 1022-1004-1009-1007
    Affected: 1022-1007-1012-1007
    Affected: 1022-1012-1011-1009
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022L-1004L-1011L-1006L
    Affected: 1022L-1005L-1011L-1010L
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1004-1010-1007
    Affected: 1023-1014-1017-1002-FFFF
    Affected: 1025-1006-1013-1011
    Affected: 1025-1008-1013-1008
    Affected: 1025-1014-1013-1009
    Affected: 1027-1008-1012-1008
    Affected: 1027-1008-1013-1008
    Affected: 1027-1014-1015-1009
    Affected: 1027L-1006L-1015L-1009L
    Affected: 1028-1007-1014-1012
    Affected: 1029-1007-1014-1008
    Affected: 1030-1007-1014-1012
    Affected: 1030-1008-1014-1008
    Affected: 1031-1007-1015-1012
    Affected: 1032-1007-1015-1008
    Affected: 1032k-1007k-1015k-1008k
    Affected: 1036r-1008r-1016r-1009r
    Affected: 1037-1008-1017-1009
    Affected: S749-S749-S749-S749
    Affected: S820-S820-S820-S820
    Affected: S823-S823-S823-S823
    Affected: S855-S855-S855-S855
    Affected: S914V-S914V-S914V-S914V
    Affected: S968-S968-S968-S968
    Affected: S984-S984-S984-S984
    Affected: T717-T717-T717-T717
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34055",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:33:10.541355Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:33:20.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "cgi-bin/supervisor/adcommand.cgi",
                "strCmd within DoShellCmd"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004V-1002V-1003V-1001V"
                },
                {
                  "status": "affected",
                  "version": "1004Y-1002Y-1001EJ-1000Y"
                },
                {
                  "status": "affected",
                  "version": "1005-1001-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1006-1001-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1006-1001-1003-1003"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1006R-1002R-1001R-1002R"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1004-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1003-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1007E-1003E-1005EJ-1001E"
                },
                {
                  "status": "affected",
                  "version": "1007V-1003V-1005V-1001V"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1002-1002-1003"
                },
                {
                  "status": "affected",
                  "version": "1008-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1008-1003-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1000"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1004-1005-1006"
                },
                {
                  "status": "affected",
                  "version": "1009-1004-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1009Y-1003Y-1006Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1005"
                },
                {
                  "status": "affected",
                  "version": "1010-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1005-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1002-1006-1000"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1007EJ-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1001-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1012-1008-1009-1000-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1013-1002-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1013-1003-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1006PL-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1009-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1007-1009-1001"
                },
                {
                  "status": "affected",
                  "version": "1014L-1002L-1006L-1005L"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1007"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1007-1007-1007"
                },
                {
                  "status": "affected",
                  "version": "1015K-1006K-1008PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1015Y-1007Y-1010Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1016-1003-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1004-1009-1009"
                },
                {
                  "status": "affected",
                  "version": "1016-1006-1008-1007"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1008-1007-1007"
                },
                {
                  "status": "affected",
                  "version": "1016Y-1007Y-1011Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1017-1002-1008-1005"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1017-1008-1012-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1011-1013-1001-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1017k-1003k-1008k-1006k"
                },
                {
                  "status": "affected",
                  "version": "1017Y-1008Y-1012Y-1002Y"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008PO-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1006-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1018-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1008-1012-1004"
                },
                {
                  "status": "affected",
                  "version": "1019-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1019-1003-1008-1001"
                },
                {
                  "status": "affected",
                  "version": "1019-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1019-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1019-1009-1013-1003"
                },
                {
                  "status": "affected",
                  "version": "1019-1010-1009-1009"
                },
                {
                  "status": "affected",
                  "version": "1019c-1012c-1014c-1001c-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1010-1006"
                },
                {
                  "status": "affected",
                  "version": "1020-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1020-1005-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1020-1005-1012-1007"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1021-1007-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1021L-1003L-1010L-1006L"
                },
                {
                  "status": "affected",
                  "version": "1021r-1004r-1009r-1007r"
                },
                {
                  "status": "affected",
                  "version": "1022-1003-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1022-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1007-1012-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1012-1011-1009"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022L-1004L-1011L-1006L"
                },
                {
                  "status": "affected",
                  "version": "1022L-1005L-1011L-1010L"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1004-1010-1007"
                },
                {
                  "status": "affected",
                  "version": "1023-1014-1017-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1025-1006-1013-1011"
                },
                {
                  "status": "affected",
                  "version": "1025-1008-1013-1008"
                },
                {
                  "status": "affected",
                  "version": "1025-1014-1013-1009"
                },
                {
                  "status": "affected",
                  "version": "1027-1008-1012-1008"
                },
                {
                  "status": "affected",
                  "version": "1027-1008-1013-1008"
                },
                {
                  "status": "affected",
                  "version": "1027-1014-1015-1009"
                },
                {
                  "status": "affected",
                  "version": "1027L-1006L-1015L-1009L"
                },
                {
                  "status": "affected",
                  "version": "1028-1007-1014-1012"
                },
                {
                  "status": "affected",
                  "version": "1029-1007-1014-1008"
                },
                {
                  "status": "affected",
                  "version": "1030-1007-1014-1012"
                },
                {
                  "status": "affected",
                  "version": "1030-1008-1014-1008"
                },
                {
                  "status": "affected",
                  "version": "1031-1007-1015-1012"
                },
                {
                  "status": "affected",
                  "version": "1032-1007-1015-1008"
                },
                {
                  "status": "affected",
                  "version": "1032k-1007k-1015k-1008k"
                },
                {
                  "status": "affected",
                  "version": "1036r-1008r-1016r-1009r"
                },
                {
                  "status": "affected",
                  "version": "1037-1008-1017-1009"
                },
                {
                  "status": "affected",
                  "version": "S749-S749-S749-S749"
                },
                {
                  "status": "affected",
                  "version": "S820-S820-S820-S820"
                },
                {
                  "status": "affected",
                  "version": "S823-S823-S823-S823"
                },
                {
                  "status": "affected",
                  "version": "S855-S855-S855-S855"
                },
                {
                  "status": "affected",
                  "version": "S914V-S914V-S914V-S914V"
                },
                {
                  "status": "affected",
                  "version": "S968-S968-S968-S968"
                },
                {
                  "status": "affected",
                  "version": "S984-S984-S984-S984"
                },
                {
                  "status": "affected",
                  "version": "T717-T717-T717-T717"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the \u003ccode\u003eadcommand.cgi\u003c/code\u003e endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the \u003ccode\u003eDoShellCmd\u003c/code\u003e operation, passing arbitrary input via the \u003ccode\u003estrCmd\u003c/code\u003e parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user."
                }
              ],
              "value": "An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:16.960Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34055",
        "datePublished": "2025-07-01T14:46:38.848Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:16.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34054 (GCVE-0-2025-34054)

    Vulnerability from nvd – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    Title
    AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection
    Summary
    An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1008-1002-1005-1000
    Affected: 1009-1003-1006-1001
    Affected: 1009Y-1003Y-1006Y-1001Y
    Affected: 1010-1004-1007-1001
    Affected: 1011-1005-1008-1002
    Affected: 1014-1005-1009-1002
    Affected: 1015-1006-1010-1003
    Affected: 1016-1007-1011-1003
    Affected: 1017-1008-1012-1002
    Affected: 1017Y-1008Y-1012Y-1002Y
    Affected: 1018-1008-1012-1004
    Affected: 1019-1009-1013-1003
    Affected: 1019c-1012c-1014c-1001c-FFFF
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1014-1017-1002-FFFF
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34054",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:46:33.820743Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:46:40.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Search.cgi",
                "username parameter",
                "queryb64str"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1008-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1009Y-1003Y-1006Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1009-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1008-1012-1002"
                },
                {
                  "status": "affected",
                  "version": "1017Y-1008Y-1012Y-1002Y"
                },
                {
                  "status": "affected",
                  "version": "1018-1008-1012-1004"
                },
                {
                  "status": "affected",
                  "version": "1019-1009-1013-1003"
                },
                {
                  "status": "affected",
                  "version": "1019c-1012c-1014c-1001c-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1014-1017-1002-FFFF"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC."
                }
              ],
              "value": "An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:16.220Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34054",
        "datePublished": "2025-07-01T14:46:00.832Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:16.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34053 (GCVE-0-2025-34053)

    Vulnerability from nvd – Published: 2025-07-01 14:45 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via .cab Path Manipulation
    Summary
    An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR devices Affected: 1000-1000-1000-1000
    Affected: 1000C-1000C-1000C-1000C
    Affected: 1001-1000-1000-1000
    Affected: 1001-1001-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1002-1000-1002
    Affected: 1002D-1000D-1000D-1000D
    Affected: 1003-1000-1000-1001
    Affected: 1003-1001-1001-1000
    Affected: 1003-1002-1001-1000
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1003-1001-1002
    Affected: 1004-1003-1002-1001
    Affected: 1004A-1001A-1002A-1000A
    Affected: 1005-1002-1001-1002
    Affected: 1005-1003-1001-1002
    Affected: 1005-1004-1002-1001
    Affected: 1005A-1001A-1002A-1001A
    Affected: 1005D-1001D-1002D-1001D
    Affected: 1006-1002-1001-1002
    Affected: 1006-1004-1003-1001
    Affected: 1007-1001-1003-1001
    Affected: 1007-1001-1004-1003
    Affected: 1007-1002-1001-1003
    Affected: 1007-1002-1003-1002
    Affected: 1007-1004-1003-1001
    Affected: 1008-1001-1003-1002
    Affected: 1008-1004-1004-1001
    Affected: 1008D-1003D-1004D-1002D
    Affected: 1008J-1004J-1004J-1001J
    Affected: 1009-1001-1004-1001
    Affected: 1009-1002-1005-1003
    Affected: 1009-1003-1005-1002
    Affected: 1010-1001-1004-1001
    Affected: 1010-1001-1004-1002
    Affected: 1010-1003-1005-1002
    Affected: 1010-1003-1006-1003
    Affected: 1010-1003-1006-1004
    Affected: 1010-1004-1007-1001
    Affected: 1010J-1001J-1004J-1001J
    Affected: 1010N-1003N-1005N-1002N
    Affected: 1011-1001-1002A-1002
    Affected: 1011-1001-1002D-1002
    Affected: 1011-1001-1003-1002
    Affected: 1011-1001-1004-1002
    Affected: 1011-1001-1005-1002
    Affected: 1011-1004-1005-1002
    Affected: 1012-1001-1005-1002
    Affected: 1012-1001-1005-1003
    Affected: 1012-1001-1005PO-1002
    Affected: 1012-1003-1007-1002
    Affected: 1012-1003-1007-1004
    Affected: 1013-1001-1005-1003
    Affected: 1013-1002-1006-1002
    Affected: 1013-1003-1008-1003
    Affected: 1013-1004-1008-1004
    Affected: 1013-1005-1005-1002
    Affected: 1013-1005-1007-1002
    Affected: 1013K-1005K-1007PO-1002K
    Affected: 1014-1002-1006-1002
    Affected: 1014-1002-1006-1003
    Affected: 1014-1003-1008-1003
    Affected: 1014-1005-1008-1002
    Affected: 1014B-1002B-1006B-1002B
    Affected: 1015-1001-1006-1003
    Affected: 1015-1002-1006-1003
    Affected: 1015-1002-1007-1002
    Affected: 1015-1003-1008-1003
    Affected: 1015-1005-1009-1004
    Affected: 1015-1006-1004-1002
    Affected: 1015-1006-1005-1002
    Affected: 1015-1006-1008-1002
    Affected: 1015C-1004C-1003C-1005C
    Affected: 1015K-1006K-1008PO-1002K
    Affected: 1016-1002-1007-1002
    Affected: 1016-1006-1013-1002
    Affected: 1016-1007-1009-1003
    Affected: 1016-1007-1011-1003
    Affected: 1017-1002-1007-1003
    Affected: 1017-1003-1007-1003
    Affected: 1017-1003-1009-1003
    Affected: 1017-1005-1004-1005
    Affected: 1017-1006-1013-1002
    Affected: 1017-1013-1014-1005
    Affected: 1018-1003-1005-1004
    Affected: 1018-1003-1008-1003
    Affected: 1018-1003-1008-1004
    Affected: 1018-1003-1008PO-1003
    Affected: 1018-1004-1005-1005
    Affected: 1018-1007-1009-1003
    Affected: 1018-1012-1011-1010
    Affected: 1019-1004-1006-1005
    Affected: 1019-1007-1009-1003
    Affected: 1020-1003-1008-1003
    Affected: 1020-1003-1008-1004
    Affected: 1020-1004-1007-1006
    Affected: 1020-1007-1008-1003
    Affected: 1020-1007-1009-1003
    Affected: 1021-1003-1008-1003
    Affected: 1021-1003-1008-1004
    Affected: 1021-1005-1006-1005
    Affected: 1021-1005-1008-1006
    Affected: 1021-1006-1015-1002
    Affected: 1021-1007-1010-1003
    Affected: 1022-1005-1007-1005
    Affected: 1022-1005-1009-1007
    Affected: 1022-1006-1015-1002
    Affected: 1022-1013-1014-1010
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1005-1008-1006
    Affected: 1023-1007-1016-1003
    Affected: 1024-1019-1019-1007
    Affected: 1025-1006-1010-1007
    Affected: 1025-1017-1017-1011
    Affected: 1027-1007-1019-1003
    Affected: 1027-1021-1021-1008
    Affected: 1028-1021-1022-1008
    Affected: 1031-1007-1022-1003
    Affected: 1032-1022-1024-1008
    Affected: 1033-1018-1021-1012
    Affected: 1035-1005-1005-1004
    Affected: 1035-1005-1005-1005
    Affected: 1035-1005-1005-1005P
    Affected: 1035-1007-1024-1003
    Affected: 1035-1024-1025-1008
    Affected: 1036-1005-1006-1005
    Affected: 1036-1007-1024-1003
    Affected: 1036-1014-1016-1016
    Affected: 1037-1024-1027-1008
    Affected: 1037-1025-1027-1008
    Affected: 1038-1021-1024-1012
    Affected: 1038-1021-1024-1012-A5
    Affected: 1038-1025-1028-1008
    Affected: 1039-1005-1008-1004
    Affected: 1039-1005-1008-1005
    Affected: 1039-1014-1017-1016
    Affected: 1039D-1014D-1017D-1016D
    Affected: 1040-1026-1029-1008
    Affected: 1041-1005-1009-1005
    Affected: 1042-1026-1030-1008
    Affected: 1044-1026-1030-1008
    Affected: 1044-1026-1031-1008
    Affected: 1045-1015-1020-1018
    Affected: 1046-1027-1032-1008
    Affected: 1047-1027-1031-1008
    Affected: 1049-1027-1033-1008
    Affected: 1050-1027-1034-1008
    Affected: 1050-1027-1036-1008
    Affected: 1051-1027-1035-1008
    Affected: 1051CZ-1028-1037-1008
    Affected: 1052-1027-1034-1008
    Affected: 1052-1028-1038-1008
    Affected: 1052A-1028-1038A-1008
    Affected: 1054-1027-1036-1008
    Affected: 1054-1028-1036-1008
    Affected: 1055-1028-1036-1008
    Affected: 1056-1028-1037-1008
    Affected: 1058-1028-1039-1008
    Affected: 1062-1028-1041-1008
    Affected: 1065-1029-1043-1008
    Affected: 1068-1029-1043-1008
    Affected: 1069-1029-1043-1008
    Affected: 1071-1029-1044-1008
    Affected: 1077-1017-1035-1007
    Affected: 1077-1017-1035-1007-A6
    Affected: 1077-1017-1035-1007-D4
    Affected: 1077-1017-1035-1007-D705FF
    Affected: 1078-1017-1036-1007
    Affected: 1078-1017-1036-1007-A6
    Affected: 1078-1017-1036-1007-D707FF
    Affected: 1079-1017-1037-1007
    Affected: 1079-1017-1037-1007-D4
    Affected: 1W77-1W17-1W35-1W07-A6
    Affected: A077-1017-A035-1007
    Affected: A077-1017-A035-1007-A6
    Affected: A1035-1024-A1025-1008
    Affected: A1038-1025-A1028-1008-D4
    Affected: S681-S681-S681-S681
    Affected: S749-S749-S749-S749
    Affected: S818-S818-S818-S818
    Affected: S820-S820-S820-S820
    Affected: S823-S823-S823-S823
    Affected: S914V-S914V-S914V-S914V
    Affected: S984-S984-S984-S984
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34053",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:46:03.365792Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:46:09.474Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "streamd web server",
                "request URL parameter"
              ],
              "product": "IP camera, DVR, and NVR devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1000-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1000C-1000C-1000C-1000C"
                },
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1001-1001-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1002-1000-1002"
                },
                {
                  "status": "affected",
                  "version": "1002D-1000D-1000D-1000D"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1004A-1001A-1002A-1000A"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1004-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1005A-1001A-1002A-1001A"
                },
                {
                  "status": "affected",
                  "version": "1005D-1001D-1002D-1001D"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1004-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1007-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1008D-1003D-1004D-1002D"
                },
                {
                  "status": "affected",
                  "version": "1008J-1004J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1002-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1004"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010J-1001J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1010N-1003N-1005N-1002N"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002A-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002D-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1004-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005PO-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1013-1001-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1002-1006-1002"
                },
                {
                  "status": "affected",
                  "version": "1013-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1013-1005-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1013-1005-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1013K-1005K-1007PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1006-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1014B-1002B-1006B-1002B"
                },
                {
                  "status": "affected",
                  "version": "1015-1001-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1002-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1002-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1005-1009-1004"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1015C-1004C-1003C-1005C"
                },
                {
                  "status": "affected",
                  "version": "1015K-1006K-1008PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1016-1002-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1016-1006-1013-1002"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1002-1007-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1007-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1005-1004-1005"
                },
                {
                  "status": "affected",
                  "version": "1017-1006-1013-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1013-1014-1005"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008PO-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1004-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1018-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1012-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1019-1004-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1019-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1020-1004-1007-1006"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1021-1006-1015-1002"
                },
                {
                  "status": "affected",
                  "version": "1021-1007-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1022-1005-1007-1005"
                },
                {
                  "status": "affected",
                  "version": "1022-1005-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1006-1015-1002"
                },
                {
                  "status": "affected",
                  "version": "1022-1013-1014-1010"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1005-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1023-1007-1016-1003"
                },
                {
                  "status": "affected",
                  "version": "1024-1019-1019-1007"
                },
                {
                  "status": "affected",
                  "version": "1025-1006-1010-1007"
                },
                {
                  "status": "affected",
                  "version": "1025-1017-1017-1011"
                },
                {
                  "status": "affected",
                  "version": "1027-1007-1019-1003"
                },
                {
                  "status": "affected",
                  "version": "1027-1021-1021-1008"
                },
                {
                  "status": "affected",
                  "version": "1028-1021-1022-1008"
                },
                {
                  "status": "affected",
                  "version": "1031-1007-1022-1003"
                },
                {
                  "status": "affected",
                  "version": "1032-1022-1024-1008"
                },
                {
                  "status": "affected",
                  "version": "1033-1018-1021-1012"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1005P"
                },
                {
                  "status": "affected",
                  "version": "1035-1007-1024-1003"
                },
                {
                  "status": "affected",
                  "version": "1035-1024-1025-1008"
                },
                {
                  "status": "affected",
                  "version": "1036-1005-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1036-1007-1024-1003"
                },
                {
                  "status": "affected",
                  "version": "1036-1014-1016-1016"
                },
                {
                  "status": "affected",
                  "version": "1037-1024-1027-1008"
                },
                {
                  "status": "affected",
                  "version": "1037-1025-1027-1008"
                },
                {
                  "status": "affected",
                  "version": "1038-1021-1024-1012"
                },
                {
                  "status": "affected",
                  "version": "1038-1021-1024-1012-A5"
                },
                {
                  "status": "affected",
                  "version": "1038-1025-1028-1008"
                },
                {
                  "status": "affected",
                  "version": "1039-1005-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1039-1005-1008-1005"
                },
                {
                  "status": "affected",
                  "version": "1039-1014-1017-1016"
                },
                {
                  "status": "affected",
                  "version": "1039D-1014D-1017D-1016D"
                },
                {
                  "status": "affected",
                  "version": "1040-1026-1029-1008"
                },
                {
                  "status": "affected",
                  "version": "1041-1005-1009-1005"
                },
                {
                  "status": "affected",
                  "version": "1042-1026-1030-1008"
                },
                {
                  "status": "affected",
                  "version": "1044-1026-1030-1008"
                },
                {
                  "status": "affected",
                  "version": "1044-1026-1031-1008"
                },
                {
                  "status": "affected",
                  "version": "1045-1015-1020-1018"
                },
                {
                  "status": "affected",
                  "version": "1046-1027-1032-1008"
                },
                {
                  "status": "affected",
                  "version": "1047-1027-1031-1008"
                },
                {
                  "status": "affected",
                  "version": "1049-1027-1033-1008"
                },
                {
                  "status": "affected",
                  "version": "1050-1027-1034-1008"
                },
                {
                  "status": "affected",
                  "version": "1050-1027-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1051-1027-1035-1008"
                },
                {
                  "status": "affected",
                  "version": "1051CZ-1028-1037-1008"
                },
                {
                  "status": "affected",
                  "version": "1052-1027-1034-1008"
                },
                {
                  "status": "affected",
                  "version": "1052-1028-1038-1008"
                },
                {
                  "status": "affected",
                  "version": "1052A-1028-1038A-1008"
                },
                {
                  "status": "affected",
                  "version": "1054-1027-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1054-1028-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1055-1028-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1056-1028-1037-1008"
                },
                {
                  "status": "affected",
                  "version": "1058-1028-1039-1008"
                },
                {
                  "status": "affected",
                  "version": "1062-1028-1041-1008"
                },
                {
                  "status": "affected",
                  "version": "1065-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1068-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1069-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1071-1029-1044-1008"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-D4"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-D705FF"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007-D707FF"
                },
                {
                  "status": "affected",
                  "version": "1079-1017-1037-1007"
                },
                {
                  "status": "affected",
                  "version": "1079-1017-1037-1007-D4"
                },
                {
                  "status": "affected",
                  "version": "1W77-1W17-1W35-1W07-A6"
                },
                {
                  "status": "affected",
                  "version": "A077-1017-A035-1007"
                },
                {
                  "status": "affected",
                  "version": "A077-1017-A035-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "A1035-1024-A1025-1008"
                },
                {
                  "status": "affected",
                  "version": "A1038-1025-A1028-1008-D4"
                },
                {
                  "status": "affected",
                  "version": "S681-S681-S681-S681"
                },
                {
                  "status": "affected",
                  "version": "S749-S749-S749-S749"
                },
                {
                  "status": "affected",
                  "version": "S818-S818-S818-S818"
                },
                {
                  "status": "affected",
                  "version": "S820-S820-S820-S820"
                },
                {
                  "status": "affected",
                  "version": "S823-S823-S823-S823"
                },
                {
                  "status": "affected",
                  "version": "S914V-S914V-S914V-S914V"
                },
                {
                  "status": "affected",
                  "version": "S984-S984-S984-S984"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function is used to identify \".cab\" requests, allowing any URL containing \".cab\" to bypass authentication and access protected endpoints."
                }
              ],
              "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function is used to identify \".cab\" requests, allowing any URL containing \".cab\" to bypass authentication and access protected endpoints."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:15.581Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via .cab Path Manipulation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34053",
        "datePublished": "2025-07-01T14:45:02.858Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:15.581Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34065 (GCVE-0-2025-34065)

    Vulnerability from cvelistv5 – Published: 2025-07-01 14:47 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path
    Summary
    An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1000-1000-1000-1000
    Affected: 1000C-1000C-1000C-1000C
    Affected: 1001-1000-1000-1000
    Affected: 1001-1001-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1002-1000-1002
    Affected: 1002D-1000D-1000D-1000D
    Affected: 1003-1000-1000-1001
    Affected: 1003-1001-1001-1000
    Affected: 1003-1002-1001-1000
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1002-1000-1001
    Affected: 1004-1003-1001-1002
    Affected: 1004-1003-1002-1001
    Affected: 1004A-1001A-1002A-1000A
    Affected: 1005-1002-1001-1002
    Affected: 1005-1003-1001-1002
    Affected: 1005-1004-1002-1001
    Affected: 1005A-1001A-1002A-1001A
    Affected: 1005D-1001D-1002D-1001D
    Affected: 1006-1002-1001-1002
    Affected: 1006-1003-1001-1001
    Affected: 1006-1004-1003-1001
    Affected: 1007-1001-1003-1001
    Affected: 1007-1001-1004-1003
    Affected: 1007-1002-1001-1000
    Affected: 1007-1002-1001-1003
    Affected: 1007-1002-1003-1002
    Affected: 1007-1004-1003-1001
    Affected: 1008-1001-1003-1002
    Affected: 1008-1004-1004-1001
    Affected: 1008D-1003D-1004D-1002D
    Affected: 1008J-1004J-1004J-1001J
    Affected: 1009-1001-1004-1001
    Affected: 1009-1002-1005-1003
    Affected: 1009-1003-1001-1003
    Affected: 1009-1003-1005-1002
    Affected: 1010-1001-1004-1001
    Affected: 1010-1001-1004-1002
    Affected: 1010-1003-1005-1002
    Affected: 1010-1003-1006-1003
    Affected: 1010-1003-1006-1004
    Affected: 1010-1004-1007-1001
    Affected: 1010J-1001J-1004J-1001J
    Affected: 1010N-1003N-1005N-1002N
    Affected: 1011-1001-1002A-1002
    Affected: 1011-1001-1002D-1002
    Affected: 1011-1001-1003-1002
    Affected: 1011-1001-1004-1002
    Affected: 1011-1001-1005-1002
    Affected: 1011-1004-1005-1002
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34065",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:35:32.244766Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:36:04.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Search.cgi",
                "username parameter",
                "queryb64str"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1000-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1000C-1000C-1000C-1000C"
                },
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1001-1001-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1002-1000-1002"
                },
                {
                  "status": "affected",
                  "version": "1002D-1000D-1000D-1000D"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1002-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1004A-1001A-1002A-1000A"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1004-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1005A-1001A-1002A-1001A"
                },
                {
                  "status": "affected",
                  "version": "1005D-1001D-1002D-1001D"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1003-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1006-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1004-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1007-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1008D-1003D-1004D-1002D"
                },
                {
                  "status": "affected",
                  "version": "1008J-1004J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1002-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1004"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010J-1001J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1010N-1003N-1005N-1002N"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002A-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002D-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1004-1005-1002"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
                }
              ],
              "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:18.570Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34065",
        "datePublished": "2025-07-01T14:47:23.621Z",
        "dateReserved": "2025-04-15T19:15:22.549Z",
        "dateUpdated": "2026-04-07T14:09:18.570Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34056 (GCVE-0-2025-34056)

    Vulnerability from cvelistv5 – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution
    Summary
    An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34056",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:34:24.733333Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:34:41.482Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "PwdGrp.cgi user/group configuration handler",
                "pwd parameter",
                "grp parameter"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the \u003ccode\u003ePwdGrp.cgi\u003c/code\u003e endpoint, which handles user and group management operations. Authenticated users can supply input through the \u003ccode\u003epwd\u003c/code\u003e or \u003ccode\u003egrp\u003c/code\u003e parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges."
                }
              ],
              "value": "An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:17.710Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34056",
        "datePublished": "2025-07-01T14:46:52.800Z",
        "dateReserved": "2025-04-15T19:15:22.549Z",
        "dateUpdated": "2026-04-07T14:09:17.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34055 (GCVE-0-2025-34055)

    Vulnerability from cvelistv5 – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution
    Summary
    An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1001-1000-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1001-1001-1001
    Affected: 1003-1000-1001-1000
    Affected: 1003-1001-1001-1000
    Affected: 1003-1001-1001-1001
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1001-1002-1000
    Affected: 1004-1002-1001-1000
    Affected: 1004V-1002V-1003V-1001V
    Affected: 1004Y-1002Y-1001EJ-1000Y
    Affected: 1005-1001-1002-1000
    Affected: 1005-1002-1001-1002
    Affected: 1005-1002-1002-1000
    Affected: 1005-1002-1004-1001
    Affected: 1006-1001-1003-1000
    Affected: 1006-1001-1003-1003
    Affected: 1006-1002-1001-1002
    Affected: 1006-1002-1003-1000
    Affected: 1006R-1002R-1001R-1002R
    Affected: 1007-1001-1003-1000
    Affected: 1007-1001-1003-1003
    Affected: 1007-1002-1004-1000
    Affected: 1007-1003-1005-1001
    Affected: 1007E-1003E-1005EJ-1001E
    Affected: 1007V-1003V-1005V-1001V
    Affected: 1008-1001-1001-1001
    Affected: 1008-1002-1002-1003
    Affected: 1008-1002-1005-1000
    Affected: 1008-1003-1005-1003
    Affected: 1008-1004-1003-1002
    Affected: 1009-1001-1002-1001
    Affected: 1009-1001-1004-1000
    Affected: 1009-1003-1006-1001
    Affected: 1009-1004-1005-1006
    Affected: 1009-1004-1006-1003
    Affected: 1009Y-1003Y-1006Y-1001Y
    Affected: 1010-1001-1003-1001
    Affected: 1010-1001-1004-1005
    Affected: 1010-1002-1005-1000
    Affected: 1010-1004-1007-1001
    Affected: 1010-1005-1005-1002
    Affected: 1011-1002-1004-1001
    Affected: 1011-1002-1006-1000
    Affected: 1011-1005-1007EJ-1001
    Affected: 1011-1005-1008-1002
    Affected: 1012-1002-1004-1001
    Affected: 1012-1002-1006-1005
    Affected: 1012-1002-1007-1004
    Affected: 1012-1003-1001-1005
    Affected: 1012-1003-1005-1005
    Affected: 1012-1004-1008-1008
    Affected: 1012-1008-1009-1000-FFFF
    Affected: 1013-1002-1006-1005
    Affected: 1013-1003-1005-1001
    Affected: 1013-1004-1008-1003
    Affected: 1013-1004-1008-1008
    Affected: 1014-1002-1007-1004
    Affected: 1014-1003-1006-1001
    Affected: 1014-1003-1006PL-1001
    Affected: 1014-1003-1007-1001
    Affected: 1014-1004-1008-1008
    Affected: 1014-1005-1009-1002
    Affected: 1014-1007-1009-1001
    Affected: 1014L-1002L-1006L-1005L
    Affected: 1015-1006-1004-1002
    Affected: 1015-1006-1005-1002
    Affected: 1015-1006-1008-1002
    Affected: 1015-1006-1008-1007
    Affected: 1015-1006-1010-1003
    Affected: 1015-1007-1007-1007
    Affected: 1015K-1006K-1008PO-1002K
    Affected: 1015Y-1007Y-1010Y-1001Y
    Affected: 1016-1003-1007-1001
    Affected: 1016-1004-1009-1009
    Affected: 1016-1006-1008-1007
    Affected: 1016-1007-1005-1001
    Affected: 1016-1007-1009-1003
    Affected: 1016-1007-1011-1001
    Affected: 1016-1007-1011-1003
    Affected: 1016-1008-1007-1007
    Affected: 1016Y-1007Y-1011Y-1001Y
    Affected: 1017-1002-1008-1005
    Affected: 1017-1003-1007-1002
    Affected: 1017-1003-1008-1006
    Affected: 1017-1008-1012-1002
    Affected: 1017-1011-1013-1001-FFFF
    Affected: 1017k-1003k-1008k-1006k
    Affected: 1017Y-1008Y-1012Y-1002Y
    Affected: 1018-1003-1005-1004
    Affected: 1018-1003-1007-1002
    Affected: 1018-1003-1008-1003
    Affected: 1018-1003-1008-1004
    Affected: 1018-1003-1008PO-1003
    Affected: 1018-1006-1009-1007
    Affected: 1018-1007-1009-1003
    Affected: 1018-1008-1012-1004
    Affected: 1019-1003-1007-1002
    Affected: 1019-1003-1008-1001
    Affected: 1019-1004-1009-1007
    Affected: 1019-1007-1009-1003
    Affected: 1019-1009-1013-1003
    Affected: 1019-1010-1009-1009
    Affected: 1019c-1012c-1014c-1001c-FFFF
    Affected: 1020-1003-1008-1003
    Affected: 1020-1003-1008-1004
    Affected: 1020-1003-1010-1006
    Affected: 1020-1004-1009-1007
    Affected: 1020-1005-1011-1010
    Affected: 1020-1005-1012-1007
    Affected: 1020-1007-1008-1003
    Affected: 1020-1007-1009-1003
    Affected: 1021-1003-1008-1003
    Affected: 1021-1003-1008-1004
    Affected: 1021-1005-1011-1010
    Affected: 1021-1007-1010-1003
    Affected: 1021L-1003L-1010L-1006L
    Affected: 1021r-1004r-1009r-1007r
    Affected: 1022-1003-1008-1002
    Affected: 1022-1004-1009-1007
    Affected: 1022-1007-1012-1007
    Affected: 1022-1012-1011-1009
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022L-1004L-1011L-1006L
    Affected: 1022L-1005L-1011L-1010L
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1004-1010-1007
    Affected: 1023-1014-1017-1002-FFFF
    Affected: 1025-1006-1013-1011
    Affected: 1025-1008-1013-1008
    Affected: 1025-1014-1013-1009
    Affected: 1027-1008-1012-1008
    Affected: 1027-1008-1013-1008
    Affected: 1027-1014-1015-1009
    Affected: 1027L-1006L-1015L-1009L
    Affected: 1028-1007-1014-1012
    Affected: 1029-1007-1014-1008
    Affected: 1030-1007-1014-1012
    Affected: 1030-1008-1014-1008
    Affected: 1031-1007-1015-1012
    Affected: 1032-1007-1015-1008
    Affected: 1032k-1007k-1015k-1008k
    Affected: 1036r-1008r-1016r-1009r
    Affected: 1037-1008-1017-1009
    Affected: S749-S749-S749-S749
    Affected: S820-S820-S820-S820
    Affected: S823-S823-S823-S823
    Affected: S855-S855-S855-S855
    Affected: S914V-S914V-S914V-S914V
    Affected: S968-S968-S968-S968
    Affected: S984-S984-S984-S984
    Affected: T717-T717-T717-T717
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34055",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:33:10.541355Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:33:20.804Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "cgi-bin/supervisor/adcommand.cgi",
                "strCmd within DoShellCmd"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004V-1002V-1003V-1001V"
                },
                {
                  "status": "affected",
                  "version": "1004Y-1002Y-1001EJ-1000Y"
                },
                {
                  "status": "affected",
                  "version": "1005-1001-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1002-1000"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1006-1001-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1006-1001-1003-1003"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1006R-1002R-1001R-1002R"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1004-1000"
                },
                {
                  "status": "affected",
                  "version": "1007-1003-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1007E-1003E-1005EJ-1001E"
                },
                {
                  "status": "affected",
                  "version": "1007V-1003V-1005V-1001V"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1002-1002-1003"
                },
                {
                  "status": "affected",
                  "version": "1008-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1008-1003-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1000"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1004-1005-1006"
                },
                {
                  "status": "affected",
                  "version": "1009-1004-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1009Y-1003Y-1006Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1005"
                },
                {
                  "status": "affected",
                  "version": "1010-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1005-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1002-1006-1000"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1007EJ-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1002-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1001-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1012-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1012-1008-1009-1000-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1013-1002-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1013-1003-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1006PL-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1014-1004-1008-1008"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1009-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1007-1009-1001"
                },
                {
                  "status": "affected",
                  "version": "1014L-1002L-1006L-1005L"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1007"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1007-1007-1007"
                },
                {
                  "status": "affected",
                  "version": "1015K-1006K-1008PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1015Y-1007Y-1010Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1016-1003-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1004-1009-1009"
                },
                {
                  "status": "affected",
                  "version": "1016-1006-1008-1007"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1005-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1001"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1008-1007-1007"
                },
                {
                  "status": "affected",
                  "version": "1016Y-1007Y-1011Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1017-1002-1008-1005"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1017-1008-1012-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1011-1013-1001-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1017k-1003k-1008k-1006k"
                },
                {
                  "status": "affected",
                  "version": "1017Y-1008Y-1012Y-1002Y"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008PO-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1006-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1018-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1008-1012-1004"
                },
                {
                  "status": "affected",
                  "version": "1019-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1019-1003-1008-1001"
                },
                {
                  "status": "affected",
                  "version": "1019-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1019-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1019-1009-1013-1003"
                },
                {
                  "status": "affected",
                  "version": "1019-1010-1009-1009"
                },
                {
                  "status": "affected",
                  "version": "1019c-1012c-1014c-1001c-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1010-1006"
                },
                {
                  "status": "affected",
                  "version": "1020-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1020-1005-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1020-1005-1012-1007"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1021-1007-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1021L-1003L-1010L-1006L"
                },
                {
                  "status": "affected",
                  "version": "1021r-1004r-1009r-1007r"
                },
                {
                  "status": "affected",
                  "version": "1022-1003-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1022-1004-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1007-1012-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1012-1011-1009"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022L-1004L-1011L-1006L"
                },
                {
                  "status": "affected",
                  "version": "1022L-1005L-1011L-1010L"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1004-1010-1007"
                },
                {
                  "status": "affected",
                  "version": "1023-1014-1017-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1025-1006-1013-1011"
                },
                {
                  "status": "affected",
                  "version": "1025-1008-1013-1008"
                },
                {
                  "status": "affected",
                  "version": "1025-1014-1013-1009"
                },
                {
                  "status": "affected",
                  "version": "1027-1008-1012-1008"
                },
                {
                  "status": "affected",
                  "version": "1027-1008-1013-1008"
                },
                {
                  "status": "affected",
                  "version": "1027-1014-1015-1009"
                },
                {
                  "status": "affected",
                  "version": "1027L-1006L-1015L-1009L"
                },
                {
                  "status": "affected",
                  "version": "1028-1007-1014-1012"
                },
                {
                  "status": "affected",
                  "version": "1029-1007-1014-1008"
                },
                {
                  "status": "affected",
                  "version": "1030-1007-1014-1012"
                },
                {
                  "status": "affected",
                  "version": "1030-1008-1014-1008"
                },
                {
                  "status": "affected",
                  "version": "1031-1007-1015-1012"
                },
                {
                  "status": "affected",
                  "version": "1032-1007-1015-1008"
                },
                {
                  "status": "affected",
                  "version": "1032k-1007k-1015k-1008k"
                },
                {
                  "status": "affected",
                  "version": "1036r-1008r-1016r-1009r"
                },
                {
                  "status": "affected",
                  "version": "1037-1008-1017-1009"
                },
                {
                  "status": "affected",
                  "version": "S749-S749-S749-S749"
                },
                {
                  "status": "affected",
                  "version": "S820-S820-S820-S820"
                },
                {
                  "status": "affected",
                  "version": "S823-S823-S823-S823"
                },
                {
                  "status": "affected",
                  "version": "S855-S855-S855-S855"
                },
                {
                  "status": "affected",
                  "version": "S914V-S914V-S914V-S914V"
                },
                {
                  "status": "affected",
                  "version": "S968-S968-S968-S968"
                },
                {
                  "status": "affected",
                  "version": "S984-S984-S984-S984"
                },
                {
                  "status": "affected",
                  "version": "T717-T717-T717-T717"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the \u003ccode\u003eadcommand.cgi\u003c/code\u003e endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the \u003ccode\u003eDoShellCmd\u003c/code\u003e operation, passing arbitrary input via the \u003ccode\u003estrCmd\u003c/code\u003e parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user."
                }
              ],
              "value": "An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke the DoShellCmd operation, passing arbitrary input via the strCmd parameter. This input is executed directly by the system shell without sanitation allowing attackers to execute commands as the root user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:16.960Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authenticated Root Command Execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34055",
        "datePublished": "2025-07-01T14:46:38.848Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:16.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34054 (GCVE-0-2025-34054)

    Vulnerability from cvelistv5 – Published: 2025-07-01 14:46 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    Title
    AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection
    Summary
    An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR Devices Affected: 1008-1002-1005-1000
    Affected: 1009-1003-1006-1001
    Affected: 1009Y-1003Y-1006Y-1001Y
    Affected: 1010-1004-1007-1001
    Affected: 1011-1005-1008-1002
    Affected: 1014-1005-1009-1002
    Affected: 1015-1006-1010-1003
    Affected: 1016-1007-1011-1003
    Affected: 1017-1008-1012-1002
    Affected: 1017Y-1008Y-1012Y-1002Y
    Affected: 1018-1008-1012-1004
    Affected: 1019-1009-1013-1003
    Affected: 1019c-1012c-1014c-1001c-FFFF
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1014-1017-1002-FFFF
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34054",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:46:33.820743Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:46:40.272Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Search.cgi",
                "username parameter",
                "queryb64str"
              ],
              "product": "IP camera, DVR, and NVR Devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1008-1002-1005-1000"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1006-1001"
                },
                {
                  "status": "affected",
                  "version": "1009Y-1003Y-1006Y-1001Y"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1011-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1009-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1008-1012-1002"
                },
                {
                  "status": "affected",
                  "version": "1017Y-1008Y-1012Y-1002Y"
                },
                {
                  "status": "affected",
                  "version": "1018-1008-1012-1004"
                },
                {
                  "status": "affected",
                  "version": "1019-1009-1013-1003"
                },
                {
                  "status": "affected",
                  "version": "1019c-1012c-1014c-1001c-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1014-1017-1002-FFFF"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC."
                }
              ],
              "value": "An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:16.220Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34054",
        "datePublished": "2025-07-01T14:46:00.832Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:16.220Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-34053 (GCVE-0-2025-34053)

    Vulnerability from cvelistv5 – Published: 2025-07-01 14:45 – Updated: 2026-04-07 14:09
    VLAI
    Title
    AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via .cab Path Manipulation
    Summary
    An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    Impacted products
    Vendor Product Version
    AVTECH IP camera, DVR, and NVR devices Affected: 1000-1000-1000-1000
    Affected: 1000C-1000C-1000C-1000C
    Affected: 1001-1000-1000-1000
    Affected: 1001-1001-1000-1000
    Affected: 1002-1000-1000-1000
    Affected: 1002-1002-1000-1002
    Affected: 1002D-1000D-1000D-1000D
    Affected: 1003-1000-1000-1001
    Affected: 1003-1001-1001-1000
    Affected: 1003-1002-1001-1000
    Affected: 1004-1000-1000-1000
    Affected: 1004-1001-1001-1001
    Affected: 1004-1003-1001-1002
    Affected: 1004-1003-1002-1001
    Affected: 1004A-1001A-1002A-1000A
    Affected: 1005-1002-1001-1002
    Affected: 1005-1003-1001-1002
    Affected: 1005-1004-1002-1001
    Affected: 1005A-1001A-1002A-1001A
    Affected: 1005D-1001D-1002D-1001D
    Affected: 1006-1002-1001-1002
    Affected: 1006-1004-1003-1001
    Affected: 1007-1001-1003-1001
    Affected: 1007-1001-1004-1003
    Affected: 1007-1002-1001-1003
    Affected: 1007-1002-1003-1002
    Affected: 1007-1004-1003-1001
    Affected: 1008-1001-1003-1002
    Affected: 1008-1004-1004-1001
    Affected: 1008D-1003D-1004D-1002D
    Affected: 1008J-1004J-1004J-1001J
    Affected: 1009-1001-1004-1001
    Affected: 1009-1002-1005-1003
    Affected: 1009-1003-1005-1002
    Affected: 1010-1001-1004-1001
    Affected: 1010-1001-1004-1002
    Affected: 1010-1003-1005-1002
    Affected: 1010-1003-1006-1003
    Affected: 1010-1003-1006-1004
    Affected: 1010-1004-1007-1001
    Affected: 1010J-1001J-1004J-1001J
    Affected: 1010N-1003N-1005N-1002N
    Affected: 1011-1001-1002A-1002
    Affected: 1011-1001-1002D-1002
    Affected: 1011-1001-1003-1002
    Affected: 1011-1001-1004-1002
    Affected: 1011-1001-1005-1002
    Affected: 1011-1004-1005-1002
    Affected: 1012-1001-1005-1002
    Affected: 1012-1001-1005-1003
    Affected: 1012-1001-1005PO-1002
    Affected: 1012-1003-1007-1002
    Affected: 1012-1003-1007-1004
    Affected: 1013-1001-1005-1003
    Affected: 1013-1002-1006-1002
    Affected: 1013-1003-1008-1003
    Affected: 1013-1004-1008-1004
    Affected: 1013-1005-1005-1002
    Affected: 1013-1005-1007-1002
    Affected: 1013K-1005K-1007PO-1002K
    Affected: 1014-1002-1006-1002
    Affected: 1014-1002-1006-1003
    Affected: 1014-1003-1008-1003
    Affected: 1014-1005-1008-1002
    Affected: 1014B-1002B-1006B-1002B
    Affected: 1015-1001-1006-1003
    Affected: 1015-1002-1006-1003
    Affected: 1015-1002-1007-1002
    Affected: 1015-1003-1008-1003
    Affected: 1015-1005-1009-1004
    Affected: 1015-1006-1004-1002
    Affected: 1015-1006-1005-1002
    Affected: 1015-1006-1008-1002
    Affected: 1015C-1004C-1003C-1005C
    Affected: 1015K-1006K-1008PO-1002K
    Affected: 1016-1002-1007-1002
    Affected: 1016-1006-1013-1002
    Affected: 1016-1007-1009-1003
    Affected: 1016-1007-1011-1003
    Affected: 1017-1002-1007-1003
    Affected: 1017-1003-1007-1003
    Affected: 1017-1003-1009-1003
    Affected: 1017-1005-1004-1005
    Affected: 1017-1006-1013-1002
    Affected: 1017-1013-1014-1005
    Affected: 1018-1003-1005-1004
    Affected: 1018-1003-1008-1003
    Affected: 1018-1003-1008-1004
    Affected: 1018-1003-1008PO-1003
    Affected: 1018-1004-1005-1005
    Affected: 1018-1007-1009-1003
    Affected: 1018-1012-1011-1010
    Affected: 1019-1004-1006-1005
    Affected: 1019-1007-1009-1003
    Affected: 1020-1003-1008-1003
    Affected: 1020-1003-1008-1004
    Affected: 1020-1004-1007-1006
    Affected: 1020-1007-1008-1003
    Affected: 1020-1007-1009-1003
    Affected: 1021-1003-1008-1003
    Affected: 1021-1003-1008-1004
    Affected: 1021-1005-1006-1005
    Affected: 1021-1005-1008-1006
    Affected: 1021-1006-1015-1002
    Affected: 1021-1007-1010-1003
    Affected: 1022-1005-1007-1005
    Affected: 1022-1005-1009-1007
    Affected: 1022-1006-1015-1002
    Affected: 1022-1013-1014-1010
    Affected: 1022-1014-1016-1002-FFFF
    Affected: 1022Y-1014Y-1016Y-1002Y-FFFF
    Affected: 1023-1005-1008-1006
    Affected: 1023-1007-1016-1003
    Affected: 1024-1019-1019-1007
    Affected: 1025-1006-1010-1007
    Affected: 1025-1017-1017-1011
    Affected: 1027-1007-1019-1003
    Affected: 1027-1021-1021-1008
    Affected: 1028-1021-1022-1008
    Affected: 1031-1007-1022-1003
    Affected: 1032-1022-1024-1008
    Affected: 1033-1018-1021-1012
    Affected: 1035-1005-1005-1004
    Affected: 1035-1005-1005-1005
    Affected: 1035-1005-1005-1005P
    Affected: 1035-1007-1024-1003
    Affected: 1035-1024-1025-1008
    Affected: 1036-1005-1006-1005
    Affected: 1036-1007-1024-1003
    Affected: 1036-1014-1016-1016
    Affected: 1037-1024-1027-1008
    Affected: 1037-1025-1027-1008
    Affected: 1038-1021-1024-1012
    Affected: 1038-1021-1024-1012-A5
    Affected: 1038-1025-1028-1008
    Affected: 1039-1005-1008-1004
    Affected: 1039-1005-1008-1005
    Affected: 1039-1014-1017-1016
    Affected: 1039D-1014D-1017D-1016D
    Affected: 1040-1026-1029-1008
    Affected: 1041-1005-1009-1005
    Affected: 1042-1026-1030-1008
    Affected: 1044-1026-1030-1008
    Affected: 1044-1026-1031-1008
    Affected: 1045-1015-1020-1018
    Affected: 1046-1027-1032-1008
    Affected: 1047-1027-1031-1008
    Affected: 1049-1027-1033-1008
    Affected: 1050-1027-1034-1008
    Affected: 1050-1027-1036-1008
    Affected: 1051-1027-1035-1008
    Affected: 1051CZ-1028-1037-1008
    Affected: 1052-1027-1034-1008
    Affected: 1052-1028-1038-1008
    Affected: 1052A-1028-1038A-1008
    Affected: 1054-1027-1036-1008
    Affected: 1054-1028-1036-1008
    Affected: 1055-1028-1036-1008
    Affected: 1056-1028-1037-1008
    Affected: 1058-1028-1039-1008
    Affected: 1062-1028-1041-1008
    Affected: 1065-1029-1043-1008
    Affected: 1068-1029-1043-1008
    Affected: 1069-1029-1043-1008
    Affected: 1071-1029-1044-1008
    Affected: 1077-1017-1035-1007
    Affected: 1077-1017-1035-1007-A6
    Affected: 1077-1017-1035-1007-D4
    Affected: 1077-1017-1035-1007-D705FF
    Affected: 1078-1017-1036-1007
    Affected: 1078-1017-1036-1007-A6
    Affected: 1078-1017-1036-1007-D707FF
    Affected: 1079-1017-1037-1007
    Affected: 1079-1017-1037-1007-D4
    Affected: 1W77-1W17-1W35-1W07-A6
    Affected: A077-1017-A035-1007
    Affected: A077-1017-A035-1007-A6
    Affected: A1035-1024-A1025-1008
    Affected: A1038-1025-A1028-1008-D4
    Affected: S681-S681-S681-S681
    Affected: S749-S749-S749-S749
    Affected: S818-S818-S818-S818
    Affected: S820-S820-S820-S820
    Affected: S823-S823-S823-S823
    Affected: S914V-S914V-S914V-S914V
    Affected: S984-S984-S984-S984
    Create a notification for this product.
    Date Public
    2016-10-11 00:00
    Credits
    Gergely Eberhardt (SEARCH-LAB.hu)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34053",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-01T18:46:03.365792Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-01T18:46:09.474Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "streamd web server",
                "request URL parameter"
              ],
              "product": "IP camera, DVR, and NVR devices",
              "vendor": "AVTECH",
              "versions": [
                {
                  "status": "affected",
                  "version": "1000-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1000C-1000C-1000C-1000C"
                },
                {
                  "status": "affected",
                  "version": "1001-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1001-1001-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1002-1002-1000-1002"
                },
                {
                  "status": "affected",
                  "version": "1002D-1000D-1000D-1000D"
                },
                {
                  "status": "affected",
                  "version": "1003-1000-1000-1001"
                },
                {
                  "status": "affected",
                  "version": "1003-1001-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1003-1002-1001-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1000-1000-1000"
                },
                {
                  "status": "affected",
                  "version": "1004-1001-1001-1001"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1004-1003-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1004A-1001A-1002A-1000A"
                },
                {
                  "status": "affected",
                  "version": "1005-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1003-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1005-1004-1002-1001"
                },
                {
                  "status": "affected",
                  "version": "1005A-1001A-1002A-1001A"
                },
                {
                  "status": "affected",
                  "version": "1005D-1001D-1002D-1001D"
                },
                {
                  "status": "affected",
                  "version": "1006-1002-1001-1002"
                },
                {
                  "status": "affected",
                  "version": "1006-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1007-1001-1004-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1001-1003"
                },
                {
                  "status": "affected",
                  "version": "1007-1002-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1007-1004-1003-1001"
                },
                {
                  "status": "affected",
                  "version": "1008-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1008-1004-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1008D-1003D-1004D-1002D"
                },
                {
                  "status": "affected",
                  "version": "1008J-1004J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1009-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1009-1002-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1009-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1001"
                },
                {
                  "status": "affected",
                  "version": "1010-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1010-1003-1006-1004"
                },
                {
                  "status": "affected",
                  "version": "1010-1004-1007-1001"
                },
                {
                  "status": "affected",
                  "version": "1010J-1001J-1004J-1001J"
                },
                {
                  "status": "affected",
                  "version": "1010N-1003N-1005N-1002N"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002A-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1002D-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1003-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1011-1004-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1012-1001-1005PO-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1012-1003-1007-1004"
                },
                {
                  "status": "affected",
                  "version": "1013-1001-1005-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1002-1006-1002"
                },
                {
                  "status": "affected",
                  "version": "1013-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1013-1004-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1013-1005-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1013-1005-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1013K-1005K-1007PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1006-1002"
                },
                {
                  "status": "affected",
                  "version": "1014-1002-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1014-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1014-1005-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1014B-1002B-1006B-1002B"
                },
                {
                  "status": "affected",
                  "version": "1015-1001-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1002-1006-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1002-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1015-1005-1009-1004"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1004-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1005-1002"
                },
                {
                  "status": "affected",
                  "version": "1015-1006-1008-1002"
                },
                {
                  "status": "affected",
                  "version": "1015C-1004C-1003C-1005C"
                },
                {
                  "status": "affected",
                  "version": "1015K-1006K-1008PO-1002K"
                },
                {
                  "status": "affected",
                  "version": "1016-1002-1007-1002"
                },
                {
                  "status": "affected",
                  "version": "1016-1006-1013-1002"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1016-1007-1011-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1002-1007-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1007-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1003-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1017-1005-1004-1005"
                },
                {
                  "status": "affected",
                  "version": "1017-1006-1013-1002"
                },
                {
                  "status": "affected",
                  "version": "1017-1013-1014-1005"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1018-1003-1008PO-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1004-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1018-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1018-1012-1011-1010"
                },
                {
                  "status": "affected",
                  "version": "1019-1004-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1019-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1020-1004-1007-1006"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1020-1007-1009-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1003"
                },
                {
                  "status": "affected",
                  "version": "1021-1003-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1021-1005-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1021-1006-1015-1002"
                },
                {
                  "status": "affected",
                  "version": "1021-1007-1010-1003"
                },
                {
                  "status": "affected",
                  "version": "1022-1005-1007-1005"
                },
                {
                  "status": "affected",
                  "version": "1022-1005-1009-1007"
                },
                {
                  "status": "affected",
                  "version": "1022-1006-1015-1002"
                },
                {
                  "status": "affected",
                  "version": "1022-1013-1014-1010"
                },
                {
                  "status": "affected",
                  "version": "1022-1014-1016-1002-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1022Y-1014Y-1016Y-1002Y-FFFF"
                },
                {
                  "status": "affected",
                  "version": "1023-1005-1008-1006"
                },
                {
                  "status": "affected",
                  "version": "1023-1007-1016-1003"
                },
                {
                  "status": "affected",
                  "version": "1024-1019-1019-1007"
                },
                {
                  "status": "affected",
                  "version": "1025-1006-1010-1007"
                },
                {
                  "status": "affected",
                  "version": "1025-1017-1017-1011"
                },
                {
                  "status": "affected",
                  "version": "1027-1007-1019-1003"
                },
                {
                  "status": "affected",
                  "version": "1027-1021-1021-1008"
                },
                {
                  "status": "affected",
                  "version": "1028-1021-1022-1008"
                },
                {
                  "status": "affected",
                  "version": "1031-1007-1022-1003"
                },
                {
                  "status": "affected",
                  "version": "1032-1022-1024-1008"
                },
                {
                  "status": "affected",
                  "version": "1033-1018-1021-1012"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1004"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1005"
                },
                {
                  "status": "affected",
                  "version": "1035-1005-1005-1005P"
                },
                {
                  "status": "affected",
                  "version": "1035-1007-1024-1003"
                },
                {
                  "status": "affected",
                  "version": "1035-1024-1025-1008"
                },
                {
                  "status": "affected",
                  "version": "1036-1005-1006-1005"
                },
                {
                  "status": "affected",
                  "version": "1036-1007-1024-1003"
                },
                {
                  "status": "affected",
                  "version": "1036-1014-1016-1016"
                },
                {
                  "status": "affected",
                  "version": "1037-1024-1027-1008"
                },
                {
                  "status": "affected",
                  "version": "1037-1025-1027-1008"
                },
                {
                  "status": "affected",
                  "version": "1038-1021-1024-1012"
                },
                {
                  "status": "affected",
                  "version": "1038-1021-1024-1012-A5"
                },
                {
                  "status": "affected",
                  "version": "1038-1025-1028-1008"
                },
                {
                  "status": "affected",
                  "version": "1039-1005-1008-1004"
                },
                {
                  "status": "affected",
                  "version": "1039-1005-1008-1005"
                },
                {
                  "status": "affected",
                  "version": "1039-1014-1017-1016"
                },
                {
                  "status": "affected",
                  "version": "1039D-1014D-1017D-1016D"
                },
                {
                  "status": "affected",
                  "version": "1040-1026-1029-1008"
                },
                {
                  "status": "affected",
                  "version": "1041-1005-1009-1005"
                },
                {
                  "status": "affected",
                  "version": "1042-1026-1030-1008"
                },
                {
                  "status": "affected",
                  "version": "1044-1026-1030-1008"
                },
                {
                  "status": "affected",
                  "version": "1044-1026-1031-1008"
                },
                {
                  "status": "affected",
                  "version": "1045-1015-1020-1018"
                },
                {
                  "status": "affected",
                  "version": "1046-1027-1032-1008"
                },
                {
                  "status": "affected",
                  "version": "1047-1027-1031-1008"
                },
                {
                  "status": "affected",
                  "version": "1049-1027-1033-1008"
                },
                {
                  "status": "affected",
                  "version": "1050-1027-1034-1008"
                },
                {
                  "status": "affected",
                  "version": "1050-1027-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1051-1027-1035-1008"
                },
                {
                  "status": "affected",
                  "version": "1051CZ-1028-1037-1008"
                },
                {
                  "status": "affected",
                  "version": "1052-1027-1034-1008"
                },
                {
                  "status": "affected",
                  "version": "1052-1028-1038-1008"
                },
                {
                  "status": "affected",
                  "version": "1052A-1028-1038A-1008"
                },
                {
                  "status": "affected",
                  "version": "1054-1027-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1054-1028-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1055-1028-1036-1008"
                },
                {
                  "status": "affected",
                  "version": "1056-1028-1037-1008"
                },
                {
                  "status": "affected",
                  "version": "1058-1028-1039-1008"
                },
                {
                  "status": "affected",
                  "version": "1062-1028-1041-1008"
                },
                {
                  "status": "affected",
                  "version": "1065-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1068-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1069-1029-1043-1008"
                },
                {
                  "status": "affected",
                  "version": "1071-1029-1044-1008"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-D4"
                },
                {
                  "status": "affected",
                  "version": "1077-1017-1035-1007-D705FF"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "1078-1017-1036-1007-D707FF"
                },
                {
                  "status": "affected",
                  "version": "1079-1017-1037-1007"
                },
                {
                  "status": "affected",
                  "version": "1079-1017-1037-1007-D4"
                },
                {
                  "status": "affected",
                  "version": "1W77-1W17-1W35-1W07-A6"
                },
                {
                  "status": "affected",
                  "version": "A077-1017-A035-1007"
                },
                {
                  "status": "affected",
                  "version": "A077-1017-A035-1007-A6"
                },
                {
                  "status": "affected",
                  "version": "A1035-1024-A1025-1008"
                },
                {
                  "status": "affected",
                  "version": "A1038-1025-A1028-1008-D4"
                },
                {
                  "status": "affected",
                  "version": "S681-S681-S681-S681"
                },
                {
                  "status": "affected",
                  "version": "S749-S749-S749-S749"
                },
                {
                  "status": "affected",
                  "version": "S818-S818-S818-S818"
                },
                {
                  "status": "affected",
                  "version": "S820-S820-S820-S820"
                },
                {
                  "status": "affected",
                  "version": "S823-S823-S823-S823"
                },
                {
                  "status": "affected",
                  "version": "S914V-S914V-S914V-S914V"
                },
                {
                  "status": "affected",
                  "version": "S984-S984-S984-S984"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Gergely Eberhardt (SEARCH-LAB.hu)"
            }
          ],
          "datePublic": "2016-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function is used to identify \".cab\" requests, allowing any URL containing \".cab\" to bypass authentication and access protected endpoints."
                }
              ],
              "value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function is used to identify \".cab\" requests, allowing any URL containing \".cab\" to bypass authentication and access protected endpoints."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-137",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-137 Parameter Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-290",
                  "description": "CWE-290 Authentication Bypass by Spoofing",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:15.581Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/40500"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://avtech.com/"
            },
            {
              "tags": [
                "third-party-advisory",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via .cab Path Manipulation",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34053",
        "datePublished": "2025-07-01T14:45:02.858Z",
        "dateReserved": "2025-04-15T19:15:22.548Z",
        "dateUpdated": "2026-04-07T14:09:15.581Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }