Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE" because of the easily identifying HTTP response server field. Other firmware versions, at least from 2014 through 2019, can be affected. This was exploited in the wild in 2017 through 2022.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MV POWER CCTV DVR 安全漏洞
Vulnerability Description
MV POWER CCTV DVR是MV POWER公司的一系列闭路电视摄像头。 MV POWER CCTV DVR TV-7104HE 1.8.4 115215B9版本和TV7108HE版本存在安全漏洞。攻击者利用该漏洞可以作为root用户执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A