CVE-2024-3721 | TBK DVR-4104/DVR-4216 up to 20240412 device.rsp mdb/mdc os command injection

Posted by Angelo Barbosa | Apr 12, 2024 | CVE

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection.

The identification of this vulnerability is CVE-2024-3721. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-3721 | TBK DVR-4104/DVR-4216 up to 20240412 device.rsp mdb/mdc os command injection

Related Posts

CVE-2024-45758 | h2oai H2O up to 3.46.0.4 JDBC Connection connection_url deserialization

CVE-2024-3690 | PHPGurukul Small CRM 3.0 Change Password sql injection

CVE-2024-0433 | Gestpay for WooCommerce Plugin up to 20221130 on WordPress ajax_unset_default_card cross-site request forgery

CVE-2024-0427 | ARForms Plugin up to 6.4.0 on WordPress cross site scripting