Nvr Devices
Approved changes feed: RSS · Atom
cpe:2.3:a:avtech:nvr_devices:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Avtech (064374b9-08a7-5b62-a2bd-77f43f7d6e76) |
|---|---|
| Product | Nvr Devices (45ab9ab0-ecb4-5691-a48e-a424285bdf48) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-34066 |
vulnerable | 2026-06-03 15:00:43.525230 |
AVTECH IP camera, DVR, and NVR Devices Unauthenticated Information Disclosure
An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with --no-check-certificate in scripts like SyncCloudAccount.sh and SyncPermit.sh. This exposes HTTPS communications to man-in-the-middle (MITM) attacks.
Published: 2025-07-01T14:47:44.573Z
Updated: 2026-04-07T14:09:19.390Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-34050 |
vulnerable | 2026-06-03 15:00:43.500981 |
AVTECH IP Camera, DVR, and NVR Devices Cross-Site Request Forgery
A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of an authenticated user’s browser session, allow unauthorized changes to the device configuration without user interaction.
Published: 2025-07-01T14:42:57.143Z
Updated: 2026-04-07T14:09:13.996Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.