CVE-2025-34054 | AVTECH DVR up to 1023-1014-1017-1002-FFFF Search.cgi?action=cgi_query queryb64str os command injection (Exploit 40500 / EDB-40500)

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability has been found in AVTECH DVR and classified as critical. Affected by this vulnerability is an unknown functionality of the file Search.cgi?action=cgi_query. The manipulation of the argument queryb64str leads to os command injection.

This vulnerability is known as CVE-2025-34054. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-34054 | AVTECH DVR up to 1023-1014-1017-1002-FFFF Search.cgi?action=cgi_query queryb64str os command injection (Exploit 40500 / EDB-40500)

Post correlati

CVE-2024-3383 | Palo Alto Networks PAN-OS up to 10.1.10/10.2.4/11.0.2 Cloud Identity Engine improper ownership management

CVE-2024-6434 | Premium Addons for Elementor Plugin up to 4.10.35 on WordPress incorrect regex

CVE-2024-9482 | AVG/Avast Antivirus 24.1 on macOS out-of-bounds write

CVE-2024-12227 | MSI Dragon Center up to 2.0.146.0 IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference