TONNET DVR – Broken Access Control
21Vexday Risk Score
No sign of exploitation. No public exploitation artifact known so far.
ssvc Trackcvss 8.1epss 1.7%
exploitation probability
1.7%top 26% of all CVEs
observed exploitation
nono source reports it
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured authentication mechanism. Attackers can crack the default password and gain access to the system.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
TONNET · DVR