AVTech IP Camera, DVR, and NVR Devices Multiple Vulnerabilities

Advisories

AVTech IP Camera, DVR, and NVR Devices Multiple Vulnerabilities

severity: critical
date: 6/30/2025
Affecting: AVTech IP Camera
AVTech DVR
AVTech NVR
Affected version ranges remain undefined
CVE: CVE-2025-34050 CVE-2025-34051 CVE-2025-34053 CVE-2025-34054 CVE-2025-34055 CVE-2025-34056 CVE-2025-34065 CVE-2025-34066
CVE type: Authentication Bypass, Buffer Overflow, Cleartext Credentials, Cross-Site Request Forgery, OS Command Injection, Path Traversal, Server-Side Request Forgery
CVSS: 10
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
References: ShadowServer Exploitation Evidence (CVE-2025-34054)
Researcher Disclosure
ExploitDB-40500
Credit: Gergely Eberhardt of SEARCH-LAB.hu
Description: CVE-2025-34054 exploitation evidence was observed by the Shadowserver Foundation on 2025-01-04 UTC.
VulnCheck KEV: This advisory is in the VulnCheck KEV database

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo