Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for td-2104ts-cl_firmware by tvt

    CVE-2025-34036 (GCVE-0-2025-34036)

    Vulnerability from nvd – Published: 2025-06-24 01:00 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    Title
    Shenzhen TVT CCTV-DVR Command Injection
    Summary
    An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://web.archive.org/web/20160322204109/http:/… third-party-advisoryexploittechnical-description
    https://www.exploit-db.com/exploits/39596 third-party-advisoryexploit
    https://vulncheck.com/advisories/shenzhen-tvt-cct… third-party-advisory
    Impacted products
    Vendor Product Version
    Shenzhen TVT CCTV-DVR Affected: 0 (semver)
    Create a notification for this product.
    Date Public
    2016-03-23 00:00
    Credits
    Ophir Harpaz (k1p0d)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34036",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T13:29:49.719646Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-24T13:29:52.559Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20160322204109/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web Management Interface (language localization handler in HTTP server binary td3520a)"
              ],
              "product": "CCTV-DVR",
              "vendor": "Shenzhen TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ophir Harpaz (k1p0d)"
            }
          ],
          "datePublic": "2016-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called \"Cross Web Server\" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC."
                }
              ],
              "value": "An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called \"Cross Web Server\" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:11.039Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20160322204109/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/39596"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/shenzhen-tvt-cctv-dvr-command-injection"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "Shenzhen TVT CCTV-DVR Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34036",
        "datePublished": "2025-06-24T01:00:52.579Z",
        "dateReserved": "2025-04-15T19:15:22.546Z",
        "dateUpdated": "2026-04-07T14:09:11.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7339 (GCVE-0-2024-7339)

    Vulnerability from nvd – Published: 2024-08-01 04:00 – Updated: 2024-08-07 14:31
    Title
    TVT DVR TD-2104TS-CL queryDevInfo information disclosure
    Summary
    A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273262 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TVT DVR TD-2104TS-CL Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT DVR TD-2108TS-HP Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT Provision-ISR DVR SH-4050A5-5L(MM) Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT AVISION DVR AV108T Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    tvt dvr_td_2014ts_cl Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U1\/4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U1\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2018ts_hp Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U1\/4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
        cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt provision_isr_dvr_sh_4050a5_5l\/mm\/ Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
        cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\/mm\/:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2014ts_cl Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2018ts_hp Affected: 1.3.4.24513B190218.D00.U\/(8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt provision_isr_dvr_sh_4050a5_5l\/mm\/ Affected: 1.3.4.22966B181219.D00.U\/(4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U1\/8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\/mm\/:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt avision_dvr_av108t Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U\/(4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U\/8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:avision_dvr_av108t:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    netsecfish (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2014ts_cl",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U1\\/4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U1\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2018ts_hp",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U1\\/4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\\/mm\\/:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "provision_isr_dvr_sh_4050a5_5l\\/mm\\/",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2014ts_cl",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2018ts_hp",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U\\/(8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\\/mm\\/:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "provision_isr_dvr_sh_4050a5_5l\\/mm\\/",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U\\/(4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U1\\/8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:avision_dvr_av108t:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "avision_dvr_av108t",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U\\/(4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U\\/8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7339",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T13:22:06.986415Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:31:11.792Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DVR TD-2104TS-CL",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "DVR TD-2108TS-HP",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "Provision-ISR DVR SH-4050A5-5L(MM)",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "AVISION DVR AV108T",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "netsecfish (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273262 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /queryDevInfo. Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-01T04:00:10.091Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-273262 | TVT DVR TD-2104TS-CL queryDevInfo information disclosure",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.273262"
            },
            {
              "name": "VDB-273262 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.273262"
            },
            {
              "name": "Submit #379373 | TVT TD-2104TS-CL, TD-2108TS-HP, SH-4050A5-5L(MM), AV108T, ... 1.3.4.22966B181219.D00.U1(4A21S), 1.3.4.22966B181219.D14.U1(8A41T), 1.3.4.22966B181219.D44.U1(16A82T), 1.3.4.24513B190218.D00.U1 Information Disclosure",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.379373"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-TVT-DVR-fad1cce703d946969be5130bf3aaac0d?pvs=4"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-31T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-31T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-31T14:40:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TVT DVR TD-2104TS-CL queryDevInfo information disclosure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-7339",
        "datePublished": "2024-08-01T04:00:10.091Z",
        "dateReserved": "2024-07-31T12:34:44.446Z",
        "dateUpdated": "2024-08-07T14:31:11.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-34036 (GCVE-0-2025-34036)

    Vulnerability from cvelistv5 – Published: 2025-06-24 01:00 – Updated: 2026-04-07 14:09 X_Known Exploited Vulnerability
    Title
    Shenzhen TVT CCTV-DVR Command Injection
    Summary
    An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    URL Tags
    https://web.archive.org/web/20160322204109/http:/… third-party-advisoryexploittechnical-description
    https://www.exploit-db.com/exploits/39596 third-party-advisoryexploit
    https://vulncheck.com/advisories/shenzhen-tvt-cct… third-party-advisory
    Impacted products
    Vendor Product Version
    Shenzhen TVT CCTV-DVR Affected: 0 (semver)
    Create a notification for this product.
    Date Public
    2016-03-23 00:00
    Credits
    Ophir Harpaz (k1p0d)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-34036",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-24T13:29:49.719646Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-24T13:29:52.559Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://web.archive.org/web/20160322204109/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Web Management Interface (language localization handler in HTTP server binary td3520a)"
              ],
              "product": "CCTV-DVR",
              "vendor": "Shenzhen TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ophir Harpaz (k1p0d)"
            }
          ],
          "datePublic": "2016-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called \"Cross Web Server\" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root.\u0026nbsp;Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC."
                }
              ],
              "value": "An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called \"Cross Web Server\" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When the server processes a request to /language/[lang]/index.html, it uses the [lang] input unsafely in a tar extraction command without proper escaping. This allows an unauthenticated remote attacker to inject shell commands and achieve arbitrary command execution as root.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:09:11.039Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory",
                "exploit",
                "technical-description"
              ],
              "url": "https://web.archive.org/web/20160322204109/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html"
            },
            {
              "tags": [
                "third-party-advisory",
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/39596"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vulncheck.com/advisories/shenzhen-tvt-cctv-dvr-command-injection"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "tags": [
            "x_known-exploited-vulnerability"
          ],
          "title": "Shenzhen TVT CCTV-DVR Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-34036",
        "datePublished": "2025-06-24T01:00:52.579Z",
        "dateReserved": "2025-04-15T19:15:22.546Z",
        "dateUpdated": "2026-04-07T14:09:11.039Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7339 (GCVE-0-2024-7339)

    Vulnerability from cvelistv5 – Published: 2024-08-01 04:00 – Updated: 2024-08-07 14:31
    Title
    TVT DVR TD-2104TS-CL queryDevInfo information disclosure
    Summary
    A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273262 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TVT DVR TD-2104TS-CL Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT DVR TD-2108TS-HP Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT Provision-ISR DVR SH-4050A5-5L(MM) Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    TVT AVISION DVR AV108T Affected: 1.3.3.20657B180918.D06.U2(4A41T)
    Affected: 1.3.4.22966B181219.D00.U1(4A21S)
    Affected: 1.3.4.22966B181219.D14.U1(8A41T)
    Affected: 1.3.4.22966B181219.D44.U1(16A82T)
    Affected: 1.3.4.24513B190218.D00.U1(8A21S)
    Affected: 1.3.4.24879B190222.D00.U2(8A21S)
    Create a notification for this product.
    tvt dvr_td_2014ts_cl Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U1\/4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U1\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2018ts_hp Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U1\/4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
        cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt provision_isr_dvr_sh_4050a5_5l\/mm\/ Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
        cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\/mm\/:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2014ts_cl Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt dvr_td_2018ts_hp Affected: 1.3.4.24513B190218.D00.U\/(8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt provision_isr_dvr_sh_4050a5_5l\/mm\/ Affected: 1.3.4.22966B181219.D00.U\/(4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U1\/8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\/mm\/:*:*:*:*:*:*:*:*
    Create a notification for this product.
    tvt avision_dvr_av108t Affected: 1.3.3.20657B180918.D06.U2\/4A41T\/
    Affected: 1.3.4.22966B181219.D00.U\/(4A21S\/
    Affected: 1.3.4.22966B181219.D14.U1\/8A41T\/
    Affected: 1.3.4.22966B181219.D44.U1\/16A82T\/
    Affected: 1.3.4.24513B190218.D00.U\/8A21S\/
    Affected: 1.3.4.24879B190222.D00.U2\/8A21S\/
        cpe:2.3:a:tvt:avision_dvr_av108t:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    netsecfish (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2014ts_cl",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U1\\/4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U1\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2018ts_hp",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U1\\/4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\\/mm\\/:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "provision_isr_dvr_sh_4050a5_5l\\/mm\\/",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2014ts_cl:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2014ts_cl",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:dvr_td_2018ts_hp:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_td_2018ts_hp",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U\\/(8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:provision_isr_dvr_sh_4050a5_5l\\/mm\\/:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "provision_isr_dvr_sh_4050a5_5l\\/mm\\/",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U\\/(4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U1\\/8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:tvt:avision_dvr_av108t:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "avision_dvr_av108t",
                "vendor": "tvt",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3.3.20657B180918.D06.U2\\/4A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D00.U\\/(4A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D14.U1\\/8A41T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.22966B181219.D44.U1\\/16A82T\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24513B190218.D00.U\\/8A21S\\/"
                  },
                  {
                    "status": "affected",
                    "version": "1.3.4.24879B190222.D00.U2\\/8A21S\\/"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7339",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T13:22:06.986415Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:31:11.792Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DVR TD-2104TS-CL",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "DVR TD-2108TS-HP",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "Provision-ISR DVR SH-4050A5-5L(MM)",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            },
            {
              "product": "AVISION DVR AV108T",
              "vendor": "TVT",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.3.20657B180918.D06.U2(4A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D00.U1(4A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D14.U1(8A41T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.22966B181219.D44.U1(16A82T)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24513B190218.D00.U1(8A21S)"
                },
                {
                  "status": "affected",
                  "version": "1.3.4.24879B190222.D00.U2(8A21S)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "netsecfish (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273262 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
            },
            {
              "lang": "de",
              "value": "In TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /queryDevInfo. Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Disclosure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-01T04:00:10.091Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-273262 | TVT DVR TD-2104TS-CL queryDevInfo information disclosure",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.273262"
            },
            {
              "name": "VDB-273262 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.273262"
            },
            {
              "name": "Submit #379373 | TVT TD-2104TS-CL, TD-2108TS-HP, SH-4050A5-5L(MM), AV108T, ... 1.3.4.22966B181219.D00.U1(4A21S), 1.3.4.22966B181219.D14.U1(8A41T), 1.3.4.22966B181219.D44.U1(16A82T), 1.3.4.24513B190218.D00.U1 Information Disclosure",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.379373"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-TVT-DVR-fad1cce703d946969be5130bf3aaac0d?pvs=4"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-07-31T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-07-31T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-07-31T14:40:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TVT DVR TD-2104TS-CL queryDevInfo information disclosure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-7339",
        "datePublished": "2024-08-01T04:00:10.091Z",
        "dateReserved": "2024-07-31T12:34:44.446Z",
        "dateUpdated": "2024-08-07T14:31:11.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }