CVE-2025-34054 | AVTECH DVR up to 1023-1014-1017-1002-FFFF Search.cgi?action=cgi_query queryb64str os command injection (Exploit 40500 / EDB-40500)

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability has been found in AVTECH DVR and classified as critical. Affected by this vulnerability is an unknown functionality of the file Search.cgi?action=cgi_query. The manipulation of the argument queryb64str leads to os command injection.

This vulnerability is known as CVE-2025-34054. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-34054 | AVTECH DVR up to 1023-1014-1017-1002-FFFF Search.cgi?action=cgi_query queryb64str os command injection (Exploit 40500 / EDB-40500)

Post correlati

CVE-2024-11742 | SourceCodester Best House Rental Management System 1.0 ajax.php?action=save_tenant lastname/firstname/middlename cross site scripting

CVE-2024-11366 | SEO Landing Page Generator Plugin up to 1.66.2 on WordPress cross site scripting

CVE-2024-31228 | Redis up to 7.2.5 Pattern Matching src/util.c denial of service

CVE-2024-5375 | Kashipara College Management System 1.0 submit_student.php address cross site scripting