Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TVT NVMS-9000 Hard-coded API Credentials & Command Injection
Vulnerability Description
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor credential string and passes user-controlled fields into shell execution contexts without proper argument sanitization. An unauthenticated remote attacker can leverage the hard-coded credential to access endpoints such as /editBlackAndWhiteList and inject shell metacharacters inside XML parameters, resulting in arbitrary command execution as root. The same vulnerable backend is also reachable in some models through a proprietary TCP service on port 4567 that accepts a magic GUID preface and base64-encoded XML, enabling the same command injection sink. Firmware releases from mid-February 2018 and later are reported to have addressed this issue. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-28 UTC.
CVSS Information
N/A
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
TVT NVMS-9000 安全漏洞
Vulnerability Description
TVT NVMS-9000是中国同为(TVT)公司的一款数字视频录像机。 TVT NVMS-9000 1.3.4之前版本存在安全漏洞,该漏洞源于包含硬编码API凭据和配置服务中存在OS命令注入缺陷,可能导致任意命令执行。
CVSS Information
N/A
Vulnerability Type
N/A