New Hacking Tool Lets Users Access a Bunch of DVRs and Their Video Feeds

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a “Cookie: uid=admin” header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.

[*] Exploit Title: “Gets DVR Credentials”
[*] CVE: CVE-2018-9995
[*] CVSS Base Score v3: 7.3 / 10
[*] CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
[*] Date: 09/04/2018
[*] Exploit Author: Fernandez Ezequiel ( twitter:@capitan_alfa )

http://misteralfa-hack.blogspot.com/2018/04/tbk-vision-dvr-login-bypass.html

https://github.com/ezelf/CVE-2018-9995_dvr_credentials

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9995

https://nvd.nist.gov/vuln/detail/CVE-2018-9995

https://gizmodo.com/a-creepy-website-is-streaming-from-73-000-private-secur-1655653510

https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s