CNNVD-202506-3021 Information

CNNVD ID

CNNVD-202506-3021

Related CVE

CVE-2025-34036

• CNNVD Published: 2025-06-24

Description (Chinese)

TVT DVR是中国同为（TVT）公司的一款视频录像机。 TVT DVR存在操作系统命令注入漏洞，该漏洞源于Cross Web Server中language参数未清理导致OS命令注入攻击。

Description (English)

TVT DVD is a video recorder from China, also a company (TVT). TVT DVR had an operational system command leak that originated from the failure to clear the blueguage parameters in Cross Web Server, which led to the OS command injection attack.

Hazard Level

Low

Vulnerability Type

操作系统命令注入

Affected Vendor

同为

Published

2025-06-24

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/39596 https://vulncheck.com/advisories/shenzhen-tvt-cctv-dvr-command-injection http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html https://web.archive.org/web/20160322204109/ https://access.redhat.com/security/cve/cve-2025-34036