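I. CVE-2018-9995 Basic Information
Vulnerability Information
# N/A

## Vulnerability Overview
TBK DVR4104 and DVR4216 devices and several rebranded versions of them (such as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login and MDVR Login) contain a vulnerability that allows remote attackers to bypass authentication by sending a request with a "Cookie: uid=admin" header.

## Affected Versions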
- TBK DVR4104
- TBK DVR4216
- Novo
- CeNova
- QSee
- Pulnix
- XVR 5 in 1
- Securus
- Night OWL
- DVR Login
- HVR Login
- MDVR Login

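## Vulnerability Details
By sending an affected device a request that carries a "Cookie: uid=admin" header, for example `device.rsp?opt=user&cmd=list`, credentials contained in the JSON data can be obtained. This lets an attacker authenticate without valid credentials.

## Impact
By exploiting this vulnerability, a remote attacker can bypass authentication, obtain sensitive credentials and access the device without authorization.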
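
A defender-side check for the request shape described above, as an added example that is not part of the original page: it scans HTTP request records for `device.rsp?opt=user&cmd=list` requests that carry `uid=admin` in the Cookie header. The tab-separated log format, the field order and the sample records are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample records, tab-separated:
# time, client, method, URL, Cookie header, status.
# The format and the addresses (documentation ranges) are assumptions.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z\t198.51.100.7\tGET\t/login.rsp\t-\t200
2024-05-01T10:00:02Z\t203.0.113.9\tGET\t/device.rsp?opt=user&cmd=list\tuid=admin\t200
2024-05-01T10:00:03Z\t203.0.113.9\tGET\t/device.rsp?cmd=list&opt=user\tlang=en; uid=admin\t403
2024-05-01T10:00:04Z\t198.51.100.7\tGET\t/device.rsp?opt=user&cmd=list\tuid=8f3a2c\t200
2024-05-01T10:00:05Z\t203.0.113.9\tGET\t/DEVICE.RSP?opt=user&cmd=list\tuid=admin\t200
"""


def matches_bypass(url, cookie_header):
    """True when a request has the shape described for CVE-2018-9995."""
    parts = urlsplit(url)
    # Path is case-folded so that case variants are flagged as well.
    if not parts.path.lower().endswith("/device.rsp"):
        return False
    # parse_qs URL-decodes values and ignores parameter order.
    query = parse_qs(parts.query)
    if "user" not in query.get("opt", []) or "list" not in query.get("cmd", []):
        return False
    # Split the Cookie header into name=value pairs; other cookies may be present.
    pairs = (p.strip().split("=", 1) for p in cookie_header.split(";") if "=" in p)
    cookies = {name: value for name, value in pairs}
    return cookies.get("uid") == "admin"


def scan(log_text):
    """Return one finding per matching record in the constructed log format."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 6:
            continue  # skip malformed records
        ts, client, _method, url, cookie, status = fields
        if matches_bypass(url, cookie):
            # A 200 means the device answered the request, so the stored
            # credentials should be treated as exposed and rotated.
            severity = "credentials-likely-exposed" if status == "200" else "attempt"
            findings.append({"time": ts, "client": client, "severity": severity})
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```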
                                        
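Shenlong Assessment

Is this a web vulnerability:

Reasoning:

Yes. This vulnerability allows a remote attacker to bypass authentication by adding "Cookie: uid=admin" to the HTTP request headers, which means the attacker can access the device's management interface or obtain sensitive information without legitimate credentials. This is clearly a server-side security vulnerability, because it exposes the server's improper handling of its authentication mechanism.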
Vulnerability Title
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Description
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
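Source: U.S. National Vulnerability Database (NVD)
CVSS Information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Category
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Title
TBK DVR4104 and DVR4216 security vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability Description
TBK DVR4104 and DVR4216 are both high-definition digital video recorder devices. A security vulnerability exists in TBK DVR4104 and DVR4216. Remote attackers can exploit it to bypass authentication by means of the Cookie: uid=admin header.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS Information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability Category
Trust management issue
Source: China National Vulnerability Database of Information Security (CNNVD)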
II. Public PoCs for CVE-2018-9995

| # | PoC description | Source link |
|---|---|---|
| 1 | (CVE-2018-9995) Get DVR Credentials | https://github.com/ezelf/CVE-2018-9995_dvr_credentials |
| 2 | CVE-2018-9995_Batch_scanning_exp | https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp |
| 3 | Batch detection for DVR-series cameras | https://github.com/Huangkey/CVE-2018-9995_check |
| 4 | None | https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs |
| 5 | exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: "XVR Login"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login ) | https://github.com/shacojx/cve-2018-9995 |
| 6 | DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995 | https://github.com/Cyb0r9/DVR-Exploiter |
| 7 | DVR username password recovery. | https://github.com/codeholic2k18/CVE-2018-9995 |
| 8 | None | https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs |
| 9 | None | https://github.com/ABIZCHI/CVE-2018-9995_dvr_credentials |
| 10 | None | https://github.com/IHA114/CVE-2018-9995_dvr_credentials |
| 11 | webcam bug (python) | https://github.com/likaifeng0/CVE-2018-9995_dvr_credentials-dev_tool |
| 12 | CVE-2018-9995 POC | https://github.com/b510/CVE-2018-9995-POC |
| 13 | Hack The CCTV \| DVRs; Credentials Exposed \| CVE-2018-9995 | https://github.com/withmasday/HTC |
| 14 | Hack The CCTV \| DVRs; Credentials Exposed \| CVE-2018-9995 | https://github.com/awesome-consumer-iot/HTC |
| 15 | Hacking CCTV cameras with the CVE-2018-9995 vulnerability | https://github.com/Saeed22487/CVE-2018-9995 |
| 16 | None | https://github.com/kienquoc102/CVE-2018-9995-2 |
| 17 | None | https://github.com/dearpan/cve-2018-9995 |
| 18 | None | https://github.com/LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995 |
| 19 | None | https://github.com/hoaan1995/CVE-2018-9995 |
| 20 | .NET console application that exploits CVE-2018-9995 vulnerability | https://github.com/ST0PL/DVRFaultNET |
| 21 | A PoC exploit for CVE-2018-9995 - DVR Authentication Bypass | https://github.com/K3ysTr0K3R/CVE-2018-9995-EXPLOIT |
| 22 | CVE-2018-9995 Exploit Tool for Python3 | https://github.com/Pab450/CVE-2018-9995 |
| 23 | None | https://github.com/MrAli-Code/CVE-2018-9995_dvr_credentials |
| 24 | None | https://github.com/arminarab1999/CVE-2018-9995 |
| 25 | None | https://github.com/DOCKTYPe19/CVE-2018-9995 |
| 26 | Simple python3 script to automate CVE-2018-9995 | https://github.com/X3RX3SSec/DVR_Sploit |
| 27 | None | https://github.com/batmoshka55/CVE-2018-9995_dvr_credentials |
| 28 | This script was created to show DVR users, VULNERABILITY (CVE-2018-9995) | https://github.com/dego905/Cam |
| 29 | Hack The CCTV \| DVRs; Credentials Exposed \| CVE-2018-9995 | https://github.com/wmasday/HTC |
| 30 | CVE-2018-9995 | https://github.com/A-Alabdoo/CVE-DVr |
| 31 | TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-9995.yaml |
| 32 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/DVR%20%E7%99%BB%E5%BD%95%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%20CVE-2018-9995.md |
| 33 | A tool for scanning DVR systems vulnerable to CVE-2018-9995 credential disclosure. Educational purposes only - demonstrates how attackers exploit authentication bypasses in DVR/IP camera systems. Includes detailed guides for finding, testing, and understanding the vulnerability. | https://github.com/its-anya/DVR_Credential_Scanner |
| 34 | (CVE-2018-9995) Get DVR Credentials | https://github.com/jameseyes/DVRC |
| 35 | POC of CVE-2018-9995 written in Rust. | https://github.com/0xDamian/CVE-2018-9995-rs |
| 36 | exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: "XVR Login"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login ) | https://github.com/mesutozsoycom/cve-2018-9995 |
III. Intelligence on CVE-2018-9995