CVE-2025-34050 Information
Jul 02, 2025
cve
Description
A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera DVR and NVR devices. An attacker can craft malicious requests that when executed in the context of an authenticated user’s browser session allow unauthorized changes to the device configuration without user interaction.
Reference
https://avtech.com/ https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities https://www.exploit-db.com/exploits/40500
Related CNNVD
CNNVD-202507-044 (Published: 2025-07-01)
Share on: