
cpe:2.3:a:merit_lilin:dvr_firmware:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor: Merit Lilin (ee088a59-d3bb-5cf5-b6eb-6965d294ce24)
Product: Dvr Firmware (7bb7856b-7b15-5c80-a654-5cd01932a868)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale
CVE:CVE-2025-34132 | vulnerable | 2026-06-03 15:00:43.720098 | LILIN DVR Command Injection via NTPUpdate in dvr_box
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface.
Published: 2025-07-16T21:26:51.852Z
Updated: 2026-05-15T11:14:50.567Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-34130 | vulnerable | 2026-06-03 15:00:43.719545 | LILIN DVR Arbitrary File Read via net_html.cgi
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot.
Published: 2025-07-16T21:26:42.449Z
Updated: 2026-05-15T11:14:49.816Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-34129 | vulnerable | 2026-06-03 15:00:43.718212 | LILIN DVR RCE via Malicious FTP/NTP Configuration
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets.
Published: 2025-07-16T21:26:32.446Z
Updated: 2026-05-15T11:14:48.811Z
Imported from gcve-enriched-dumps CVE data
