Primary

Context

Digiever NVR OS Command Injection Vulnerability

Vulnerability

A command injection vulnerability has been identified in certain NVR models developed by Digiever. This vulnerability allows unauthenticated remote attackers to inject and execute arbitrary operating system commands on the affected device. The issue is present in several NVR series models running firmware versions through x.x.x.78.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected NVR device.

Remediation

Users are advised to update the NVR firmware to version x.x.x.79 or later.

Added: Sep 12, 2025, 11:23 AM

Updated: Sep 12, 2025, 11:23 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Digiever NVR OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating