CVE-2024-41882 Information

Description

Team ENVY a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters which will result in a system reboot. The manufacturer has released patch firmware for the flaw please refer to the manufacturer’s report for details and workarounds.

Reference

https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf