ID

VAR-201804-1732


TITLE

Multiple Vulnerabilities in TVT DVR/NVR/IPC

Trust: 0.6

sources: CNVD: CNVD-2018-07622

DESCRIPTION

Shenzhen Tongwei Digital Technology Co., Ltd. (TVT) is a world-class provider of video security products and system solutions, covering R&D, production, sales and service. It provides users in more than 120 countries and regions around the world with core competitive video security products and solutions. TVT DVR/NVR/IPC devices have multiple vulnerabilities: hard-coded Web management interface credentials, remote command execution on the Web management interface, a Base64-based authentication stack overflow, hard-coded telnet credentials, and information leakage and remote command execution on port TCP/4567. An attacker can exploit these vulnerabilities to obtain the hard-coded passwords; to insert arbitrary commands into the POST XML data and have them executed, which, combined with the hard-coded Web management interface credentials, allows unrestricted remote command execution; and, using the hard-coded credentials, to download the remote system's configuration file from port TCP/4567, which contains user names and passwords in clear text. Sending a specially crafted Base64-encoded XML packet (containing a 32-byte binary header) to port TCP/4567 results in unauthenticated remote command execution.

Trust: 0.6

sources: CNVD: CNVD-2018-07622

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-07622

AFFECTED PRODUCTS

vendor: tvt digital
model: dvr/nvr/ipc
scope: -
version: -

Trust: 0.6

sources: CNVD: CNVD-2018-07622

CVSS

SEVERITY

CNVD: CNVD-2018-07622
value: HIGH

Trust: 0.6

CVSSV2

CNVD: CNVD-2018-07622
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3: -

sources: CNVD: CNVD-2018-07622

PATCH

title: TVT DVR/NVR/IPC has multiple vulnerabilities
url: https://www.cnvd.org.cn/patchinfo/show/125537

Trust: 0.6

sources: CNVD: CNVD-2018-07622

EXTERNAL IDS

db: CNVD
id: CNVD-2018-07622

Trust: 0.6

sources: CNVD: CNVD-2018-07622

REFERENCES

url: https://github.com/mcw0/poc/blob/master/tvt_and_oem_ipc_nvr_dvr_rce_b

Trust: 0.6

url: https://github.com/mcw0/poc/blob/master/tvt-poc.py

Trust: 0.6

url: http://en.tvt.net.cn/news/227.html

Trust: 0.6

sources: CNVD: CNVD-2018-07622

SOURCES

db: CNVD
id: CNVD-2018-07622

LAST UPDATE DATE

2022-05-04T08:38:03.623000+00:00


SOURCES UPDATE DATE

db: CNVD
id: CNVD-2018-07622
date: 2018-04-13T00:00:00

SOURCES RELEASE DATE

db: CNVD
id: CNVD-2018-07622
date: 2018-04-13T00:00:00