CVE-2020-3924

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.

MISC: https://tvn.twcert.org.tw/taiwanvn/TVN-201910004
MISC: https://www.chtsecurity.com/news/4ef5eb3a-fdc3-4d78-8dd7-ec7213e2bbcf
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3924

14 years
256 countries
683k users
4525k calculations
Logo www.cctvforum.com
Logo www.systemy-stech.cz
Logo secutek.cz
Logo www.kelcom.cz
Logo sectech.co.nz
Logo www.a1securitycameras.com