Primary

Context

Hunt Electronic Hybrid DVR Exposure of Sensitive Information Vulnerability

Vulnerability

A vulnerability allowing exposure of sensitive information has been identified in certain hybrid DVR models from Hunt Electronic, specifically the HBF-09KD and HBF-16NK. This vulnerability allows unauthenticated remote attackers to access a system configuration file and retrieve plaintext administrator credentials. The issue affects DVRs running firmware version V3.1.67_1786 BB11115 and earlier.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive system information, including plaintext administrator credentials, which could be misused to gain further access or control over the affected system.

Remediation

Users are advised to update the DVR firmware to version V3.1.70_1806 BB50604 or later.

Added: Jun 26, 2025, 12:23 PM

Updated: Jun 26, 2025, 12:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hunt Electronic Hybrid DVR Exposure of Sensitive Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating