go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::

Date:
Font-stze:

iCatch DVR - Command Injection

TVN ID TVN-202001010
CVE ID CVE-2020-10514
CVSS 8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products iCatch DVR firmware before 20200103
Description iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary command.
Solution Update to the latest version.
Credit Weber Tsai (CHT Security)
Public Date 2020-04-15
Top