Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LILIN DVR Arbitrary File Read via net_html.cgi
Vulnerability Description
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot.
CVSS Information
N/A
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
LILIN Digital Video Recorder 安全漏洞
Vulnerability Description
LILIN Digital Video Recorder是中国台湾利凌(LILIN)公司的一款录像机。 LILIN Digital Video Recorder 2.0b60_20200207之前版本存在安全漏洞,该漏洞源于任意文件读取,可能导致读取敏感配置文件。
CVSS Information
N/A
Vulnerability Type
N/A