CNNVD-202511-2607 Information

Nov 24, 2025 cve

CNNVD ID

CNNVD-202511-2607

CVE-2024-14007

CNNVD Published: 2025-11-24

Description (Chinese)

TVT NVMS-9000是中国同为（TVT）公司的一款数字视频录像机。 TVT NVMS-9000 1.3.4之前版本存在安全漏洞，该漏洞源于NVMS-9000控制协议中存在认证绕过，可能导致敏感信息泄露。

Description (English)

TVT NVMS-9000 is a digital video recorder of the same Chinese company (TVT). There was a security loophole in the previous version of TVT NVMS-9000 1.3.4, which resulted from the presence of a authentication bypass in the NVMS-9000 control protocol, which could lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

同为

Published

2025-11-24

Last Modified

2026-02-24

References

https://undercodetesting.com/eleven11-botnet-mirai-variant-targeting-nvms-9000-devices/ https://www.greynoise.io/blog/surge-exploitation-attempts-tvt-dvrs https://www.vulncheck.com/advisories/tvt-nvms9000-unauthenticated-admin-queries-and-information-disclosure https://ssd-disclosure.com/ssd-advisory-nvms9000-information-disclosure/ https://access.redhat.com/security/cve/cve-2024-14007

Share on: