Vulnerability-Lookup

CVE-2025-36529 (GCVE-0-2025-36529)

Vulnerability from cvelistv5 – Published: 2025-06-27 05:23 – Updated: 2025-06-30 18:47

Summary

An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')

Assigner

jpcert

References

2 references

URL	Tags
https://www.tbeye.com/topics/ahd/
https://jvn.jp/en/vu/JVNVU93396297/

Impacted products

17 products

Vendor	Product	Version
TB-eye Ltd.	XRN-410SN/TE	Affected: firmware versions Ver2.47b_220119153805 and earlier
TB-eye Ltd.	XRN-810SN/TE	Affected: firmware versions Ver2.47b_220119153805 and earlier
TB-eye Ltd.	XRN-1610SN/TE	Affected: firmware versions Ver2.47b_210516234524 and earlier
TB-eye Ltd.	PRN-4011N/TE	Affected: firmware versions Ver2.51p_231208081715 and earlier
TB-eye Ltd.	HRX-421FN/TE	Affected: firmware versions Ver3.05.62 and earlier
TB-eye Ltd.	HRX-821/TE	Affected: firmware versions Ver3.05.62 and earlier
TB-eye Ltd.	HRX-1621/TE	Affected: firmware versions Ver3.05.62 and earlier
TB-eye Ltd.	HRX-435FN/TE	Affected: firmware versions Ver5.31.72 and earlier
TB-eye Ltd.	HRX-835/TE	Affected: firmware versions Ver5.31.72 and earlier
TB-eye Ltd.	HRX-1635/TE	Affected: firmware versions Ver5.31.72 and earlier
TB-eye Ltd.	XRN-425SFN/TE	Affected: firmware versions Ver5.31.32 and earlier
TB-eye Ltd.	XRN-426S	Affected: firmware versions Ver5.33.12 and earlier
TB-eye Ltd.	XRN-820S/TE	Affected: firmware versions Ver5.34.12 and earlier
TB-eye Ltd.	XRN-1620S/TE	Affected: firmware versions Ver5.34.12 and earlier
TB-eye Ltd.	XRN-3210R/TE	Affected: firmware versions Ver5.34.12 and earlier
TB-eye Ltd.	XRN-6410R/TE	Affected: firmware versions Ver5.34.12 and earlier
TB-eye Ltd.	XRN-6410DR/TE	Affected: firmware versions Ver5.34.12 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-36529",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-30T18:40:49.174491Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-30T18:47:15.964Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "XRN-410SN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver2.47b_220119153805 and earlier"
            }
          ]
        },
        {
          "product": "XRN-810SN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver2.47b_220119153805 and earlier"
            }
          ]
        },
        {
          "product": "XRN-1610SN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver2.47b_210516234524 and earlier"
            }
          ]
        },
        {
          "product": "PRN-4011N/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver2.51p_231208081715 and earlier"
            }
          ]
        },
        {
          "product": "HRX-421FN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver3.05.62 and earlier"
            }
          ]
        },
        {
          "product": "HRX-821/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver3.05.62 and earlier"
            }
          ]
        },
        {
          "product": "HRX-1621/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver3.05.62 and earlier"
            }
          ]
        },
        {
          "product": "HRX-435FN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.31.72 and earlier"
            }
          ]
        },
        {
          "product": "HRX-835/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.31.72 and earlier"
            }
          ]
        },
        {
          "product": "HRX-1635/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.31.72 and earlier"
            }
          ]
        },
        {
          "product": "XRN-425SFN/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.31.32 and earlier"
            }
          ]
        },
        {
          "product": "XRN-426S",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.33.12 and earlier"
            }
          ]
        },
        {
          "product": "XRN-820S/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.34.12 and earlier"
            }
          ]
        },
        {
          "product": "XRN-1620S/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.34.12 and earlier"
            }
          ]
        },
        {
          "product": "XRN-3210R/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.34.12 and earlier"
            }
          ]
        },
        {
          "product": "XRN-6410R/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.34.12 and earlier"
            }
          ]
        },
        {
          "product": "XRN-6410DR/TE",
          "vendor": "TB-eye Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "firmware versions Ver5.34.12 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-27T05:23:27.330Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.tbeye.com/topics/ahd/"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU93396297/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-36529",
    "datePublished": "2025-06-27T05:23:27.330Z",
    "dateReserved": "2025-06-24T23:58:17.896Z",
    "dateUpdated": "2025-06-30T18:47:15.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-36529",
      "date": "2026-06-06",
      "epss": "0.01425",
      "percentile": "0.8099"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-36529\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2025-06-27T06:15:24.587\",\"lastModified\":\"2025-06-30T18:38:48.477\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.\"},{\"lang\":\"es\",\"value\":\"Existe un problema de inyecci\u00f3n de comandos del sistema operativo en varias versiones de TB-eye network recorders y AHD recorders. Si se explota esta vulnerabilidad, un atacante que inicie sesi\u00f3n en el dispositivo podr\u00eda ejecutar un comando arbitrario del sistema operativo.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU93396297/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://www.tbeye.com/topics/ahd/\",\"source\":\"vultures@jpcert.or.jp\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-36529\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-30T18:40:49.174491Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-30T18:47:08.221Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-410SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_220119153805 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-810SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_220119153805 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-1610SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_210516234524 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"PRN-4011N/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.51p_231208081715 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-421FN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-821/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-1621/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-435FN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-835/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-1635/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-425SFN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.32 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-426S\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.33.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-820S/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-1620S/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-3210R/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-6410R/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-6410DR/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}], \"references\": [{\"url\": \"https://www.tbeye.com/topics/ahd/\"}, {\"url\": \"https://jvn.jp/en/vu/JVNVU93396297/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2025-06-27T05:23:27.330Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-36529\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-30T18:47:15.964Z\", \"dateReserved\": \"2025-06-24T23:58:17.896Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2025-06-27T05:23:27.330Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2025-36529

Vulnerability from fkie_nvd - Published: 2025-06-27 06:15 - Updated: 2026-04-15 00:35

Severity

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	vultures@jpcert.or.jp	https://jvn.jp/en/vu/JVNVU93396297/
	vultures@jpcert.or.jp	https://www.tbeye.com/topics/ahd/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device."
    },
    {
      "lang": "es",
      "value": "Existe un problema de inyecci\u00f3n de comandos del sistema operativo en varias versiones de TB-eye network recorders y AHD recorders. Si se explota esta vulnerabilidad, un atacante que inicie sesi\u00f3n en el dispositivo podr\u00eda ejecutar un comando arbitrario del sistema operativo."
    }
  ],
  "id": "CVE-2025-36529",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "vultures@jpcert.or.jp",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "vultures@jpcert.or.jp",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-27T06:15:24.587",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://jvn.jp/en/vu/JVNVU93396297/"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://www.tbeye.com/topics/ahd/"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "vultures@jpcert.or.jp",
      "type": "Secondary"
    }
  ]
}

GHSA-7CGG-PGRP-FGQ7

Vulnerability from github – Published: 2025-06-27 06:31 – Updated: 2025-06-27 06:31

Details

Severity

7.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8.6 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-36529"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-27T06:15:24Z",
    "severity": "HIGH"
  },
  "details": "An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.",
  "id": "GHSA-7cgg-pgrp-fgq7",
  "modified": "2025-06-27T06:31:17Z",
  "published": "2025-06-27T06:31:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36529"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU93396297"
    },
    {
      "type": "WEB",
      "url": "https://www.tbeye.com/topics/ahd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

JVNDB-2025-007552

Vulnerability from jvndb - Published: 2025-06-30 14:45 - Updated:2025-06-30 14:45

Severity

7.2 (High) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in TB-eye network recorders and AHD recorders

Details

Network recorders and AHD recorders provided by TB-eye Ltd. contain multiple vulnerabilities listed below. * OS command injection (CWE-78) - CVE-2025-36529 * Classic buffer overflow (CWE-120) - CVE-2025-41418 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.

References

Type

URL

	JVN	https://jvn.jp/en/vu/JVNVU93396297/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2025-36529
	CVE	https://www.cve.org/CVERecord?id=CVE-2025-41418
	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')(CWE-120)	https://cwe.mitre.org/data/definitions/120.html
	OS Command Injection(CWE-78)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	TB-eye Ltd.	HRX-1621/TE firmware
	TB-eye Ltd.	HRX-1635/TE firmware
	TB-eye Ltd.	HRX-421FN/TE firmware
	TB-eye Ltd.	HRX-435FN/TE firmware
	TB-eye Ltd.	HRX-821/TE firmware
	TB-eye Ltd.	HRX-835/TE firmware
	TB-eye Ltd.	PRN-4011N/TE firmware
	TB-eye Ltd.	XRN-1610SN/TE firmware
	TB-eye Ltd.	XRN-1620S/TE firmware
	TB-eye Ltd.	XRN-3210R/TE firmware
	TB-eye Ltd.	XRN-410SN/TE firmware
	TB-eye Ltd.	XRN-425SFN/TE firmware
	TB-eye Ltd.	XRN-426S firmware
	TB-eye Ltd.	XRN-6410DR/TE firmware
	TB-eye Ltd.	XRN-6410R/TE firmware
	TB-eye Ltd.	XRN-810SN/TE firmware
	TB-eye Ltd.	XRN-820S/TE firmware

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-007552.html",
  "dc:date": "2025-06-30T14:45+09:00",
  "dcterms:issued": "2025-06-30T14:45+09:00",
  "dcterms:modified": "2025-06-30T14:45+09:00",
  "description": "Network recorders and AHD recorders provided by TB-eye Ltd. contain multiple vulnerabilities listed below.\r\n\r\n  * OS command injection (CWE-78) - CVE-2025-36529\r\n  * Classic buffer overflow (CWE-120) - CVE-2025-41418\r\n\r\nChuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-007552.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-1621%2Fte_firmware",
      "@product": "HRX-1621/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-1635%2Fte_firmware",
      "@product": "HRX-1635/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-421fn%2Fte_firmware",
      "@product": "HRX-421FN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-435fn%2Fte_firmware",
      "@product": "HRX-435FN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-821%2Fte_firmware",
      "@product": "HRX-821/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_hrx-835%2Fte_firmware",
      "@product": "HRX-835/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_prn-4011n%2Fte_firmware",
      "@product": "PRN-4011N/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-1610sn%2Fte_firmware",
      "@product": "XRN-1610SN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-1620s%2Fte_firmware",
      "@product": "XRN-1620S/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-3210r%2Fte_firmware",
      "@product": "XRN-3210R/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-410sn%2Fte_firmware",
      "@product": "XRN-410SN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-425sfn%2Fte_firmware",
      "@product": "XRN-425SFN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-426s_firmware",
      "@product": "XRN-426S firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-6410dr%2Fte_firmware",
      "@product": "XRN-6410DR/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-6410r%2Fte_firmware",
      "@product": "XRN-6410R/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-810sn%2Fte_firmware",
      "@product": "XRN-810SN/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:tb-eye_xrn-820s%2Fte_firmware",
      "@product": "XRN-820S/TE firmware",
      "@vendor": "TB-eye Ltd.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.2",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2025-007552",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU93396297/index.html",
      "@id": "JVNVU#93396297",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-36529",
      "@id": "CVE-2025-36529",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-41418",
      "@id": "CVE-2025-41418",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/120.html",
      "@id": "CWE-120",
      "@title": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)(CWE-120)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-78",
      "@title": "OS Command Injection(CWE-78)"
    }
  ],
  "title": "Multiple vulnerabilities in TB-eye network recorders and AHD recorders"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-36529 (GCVE-0-2025-36529)

FKIE_CVE-2025-36529

GHSA-7CGG-PGRP-FGQ7

JVNDB-2025-007552

Tags

Sightings

Nomenclature