| TVN ID | TVN-202506009 |
|---|---|
| CVE ID | CVE-2025-6562 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Affected models:HBF-09KD、HBF-16NK Affected firmware version:V3.1.67_1786 BB11115 and earlier |
| Description | Certain hybrid DVR models (HBF-09KD and HBF-16NK) from Hunt Electronic have an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary OS commands and execute them on the device. |
| Solution | Update firmware to version V3.1.70_1806 BB50604 and later |
| Credit | Yu-Chieh Kuo, Shi-Yi Xie, Li-Fan Cheng, Chih-Che Chang, An-Wei Kung(NICS) |
| Public Date | 2025-06-24 |
:::