AVTech IP Camera, DVR, and NVR Devices Multiple Vulnerabilities | Advisories

Go back

AVTech IP Camera, DVR, and NVR Devices Multiple Vulnerabilities

severity: critical
date: June 30, 2025
Affecting: AVTech IP Camera
AVTech DVR
AVTech NVR
CVE: CVE-2013-4985, CVE-2017-5173, CVE-2020-9312, CVE-2025-34050, CVE-2025-34051, CVE-2025-34052, CVE-2025-34053, CVE-2025-34054, CVE-2025-34055, CVE-2025-34056, CVE-2025-34065, CVE-2025-34066
CVE type: Authentication Bypass,Buffer Overflow,Cleartext Credentials,Cross-Site Request Forgery,OS Command Injection,Path Traversal,Server-Side Request Forgery
CVSS: 10
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
References: Exploitation in the Wild (CVE-2024-33470)
Researcher Disclosure
Exploit
Credit: Gergely Eberhardt of SEARCH-LAB.hu