Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
LILIN DVR Command Injection via NTPUpdate in dvr_box
Vulnerability Description
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
LILIN Digital Video Recorder 安全漏洞
Vulnerability Description
LILIN Digital Video Recorder是中国台湾利凌(LILIN)公司的一款录像机。 LILIN Digital Video Recorder 2.0b60_20200207之前版本存在安全漏洞,该漏洞源于命令注入,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A