KEVIntel
Back to KEVs
8.8
CVSS
High

CVE-2022-45045

PUBLISHED

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000,...

Exploited in the wild Remote Low complexity No user interaction
Vendor
Xiongmai
Product
NVR devices
Published
Dec 01, 2022
EPSS

Description

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

CVSS scores

CVSS v3.1 8.8 High

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2022-12-01 00:00:00 UTC · Source

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CVE Dec 01, 2022

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel