CVE-2025-34054
AVTECH IP camera, DVR, and NVR Devices Unauthenticated Command Injection
Vexday Risk Score
48 Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 10 · EPSS 2.7% · KEV no · PoC public · Nuclei — · Metasploit — · Patch —
Lifecycle
01 Jul 2025: Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
AVTECH · IP camera, DVR, and NVR Devices
Public PoCs found: 2
cve_reference: web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH (unverified)
cve_reference: www.exploit-db.com/exploits/40500 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://avtech.com/
https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns
https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH
https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities
https://www.exploit-db.com/exploits/40500