Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    10 vulnerabilities by Hitron Systems

    CVE-2024-22772 (GCVE-0-2024-22772)

    Vulnerability from nvd – Published: 2024-01-23 04:52 – Updated: 2024-10-22 03:55
    VLAI
    Title
    Hitron Systems DVR LGUVR-8H Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR LGUVR-8H Affected: 1.02 , ≤ 4.02 (custom)
    Create a notification for this product.
    hitronsystems dvr_lguvr-8h Affected: 1.02~4.02
        cpe:2.3:a:hitronsystems:dvr_lguvr-8h:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hitronsystems:dvr_lguvr-8h:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_lguvr-8h",
                "vendor": "hitronsystems",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.02~4.02"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T03:55:44.110Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR LGUVR-8H",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:40.359Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR LGUVR-8H Improper Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22772",
        "datePublished": "2024-01-23T04:52:06.708Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2024-10-22T03:55:44.110Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22771 (GCVE-0-2024-22771)

    Vulnerability from nvd – Published: 2024-01-23 04:49 – Updated: 2024-10-22 03:55
    VLAI
    Title
    Hitron Systems DVR LGUVR-4H Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR LGUVR-4H Affected: 1.02 , ≤ 4.02 (custom)
    Create a notification for this product.
    hitronsystems dvr_lguvr-4h_firmware Affected: 01.02 , ≤ 4.02 (custom)
        cpe:2.3:o:hitronsystems:dvr_lguvr-4h_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.148Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:hitronsystems:dvr_lguvr-4h_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_lguvr-4h_firmware",
                "vendor": "hitronsystems",
                "versions": [
                  {
                    "lessThanOrEqual": "4.02",
                    "status": "affected",
                    "version": "01.02",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22771",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T03:55:42.957Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR LGUVR-4H",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:29.532Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR LGUVR-4H Improper Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22771",
        "datePublished": "2024-01-23T04:49:10.800Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2024-10-22T03:55:42.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22770 (GCVE-0-2024-22770)

    Vulnerability from nvd – Published: 2024-01-23 04:42 – Updated: 2025-05-22 14:58
    VLAI
    Title
    Hitron Systems DVR HVR-16781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-16781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.027Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22770",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-22T03:55:42.636742Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T14:58:05.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-16781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:20.892Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-16781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22770",
        "datePublished": "2024-01-23T04:42:39.638Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-22T14:58:05.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22769 (GCVE-0-2024-22769)

    Vulnerability from nvd – Published: 2024-01-23 04:37 – Updated: 2025-05-30 14:19
    VLAI
    Title
    Hitron Systems DVR HVR-8781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-8781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22769",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T19:09:13.466244Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T14:19:50.183Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-8781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:10.153Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-8781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22769",
        "datePublished": "2024-01-23T04:37:06.276Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-30T14:19:50.183Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22768 (GCVE-0-2024-22768)

    Vulnerability from nvd – Published: 2024-01-23 04:31 – Updated: 2025-05-30 14:19
    VLAI Shadowserver KEVIntel
    Title
    Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-4781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:10.953Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22768",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:53:06.752611Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T14:19:56.241Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-4781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.\u003cbr\u003e"
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:00:57.719Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22768",
        "datePublished": "2024-01-23T04:31:40.489Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-30T14:19:56.241Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22772 (GCVE-0-2024-22772)

    Vulnerability from cvelistv5 – Published: 2024-01-23 04:52 – Updated: 2024-10-22 03:55
    VLAI
    Title
    Hitron Systems DVR LGUVR-8H Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR LGUVR-8H Affected: 1.02 , ≤ 4.02 (custom)
    Create a notification for this product.
    hitronsystems dvr_lguvr-8h Affected: 1.02~4.02
        cpe:2.3:a:hitronsystems:dvr_lguvr-8h:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hitronsystems:dvr_lguvr-8h:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_lguvr-8h",
                "vendor": "hitronsystems",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.02~4.02"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T03:55:44.110Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR LGUVR-8H",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:40.359Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR LGUVR-8H Improper Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22772",
        "datePublished": "2024-01-23T04:52:06.708Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2024-10-22T03:55:44.110Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22771 (GCVE-0-2024-22771)

    Vulnerability from cvelistv5 – Published: 2024-01-23 04:49 – Updated: 2024-10-22 03:55
    VLAI
    Title
    Hitron Systems DVR LGUVR-4H Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR LGUVR-4H Affected: 1.02 , ≤ 4.02 (custom)
    Create a notification for this product.
    hitronsystems dvr_lguvr-4h_firmware Affected: 01.02 , ≤ 4.02 (custom)
        cpe:2.3:o:hitronsystems:dvr_lguvr-4h_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.148Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:hitronsystems:dvr_lguvr-4h_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "dvr_lguvr-4h_firmware",
                "vendor": "hitronsystems",
                "versions": [
                  {
                    "lessThanOrEqual": "4.02",
                    "status": "affected",
                    "version": "01.02",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22771",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-05T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T03:55:42.957Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR LGUVR-4H",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.02",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:29.532Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR LGUVR-4H Improper Input Validation Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22771",
        "datePublished": "2024-01-23T04:49:10.800Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2024-10-22T03:55:42.957Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22770 (GCVE-0-2024-22770)

    Vulnerability from cvelistv5 – Published: 2024-01-23 04:42 – Updated: 2025-05-22 14:58
    VLAI
    Title
    Hitron Systems DVR HVR-16781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-16781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.027Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22770",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-22T03:55:42.636742Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T14:58:05.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-16781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:20.892Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-16781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22770",
        "datePublished": "2024-01-23T04:42:39.638Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-22T14:58:05.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22769 (GCVE-0-2024-22769)

    Vulnerability from cvelistv5 – Published: 2024-01-23 04:37 – Updated: 2025-05-30 14:19
    VLAI
    Title
    Hitron Systems DVR HVR-8781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-8781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:11.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22769",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T19:09:13.466244Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T14:19:50.183Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-8781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:01:10.153Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-8781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22769",
        "datePublished": "2024-01-23T04:37:06.276Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-30T14:19:50.183Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22768 (GCVE-0-2024-22768)

    Vulnerability from cvelistv5 – Published: 2024-01-23 04:31 – Updated: 2025-05-30 14:19
    VLAI Shadowserver KEVIntel
    Title
    Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability
    Summary
    Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitron Systems DVR HVR-4781 Affected: 1.03 , ≤ 4.02 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:10.953Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.hitron.co.kr/firmware/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22768",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T15:53:06.752611Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T14:19:56.241Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "DVR HVR-4781",
              "vendor": "Hitron Systems",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "4.03",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "4.02",
                  "status": "affected",
                  "version": "1.03",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.\u003cbr\u003e"
                }
              ],
              "value": "Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-490",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-490 Amplification"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-23T05:00:57.719Z",
            "orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
            "shortName": "krcert"
          },
          "references": [
            {
              "url": "http://www.hitron.co.kr/firmware/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability ",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
        "assignerShortName": "krcert",
        "cveId": "CVE-2024-22768",
        "datePublished": "2024-01-23T04:31:40.489Z",
        "dateReserved": "2024-01-11T07:18:23.099Z",
        "dateUpdated": "2025-05-30T14:19:56.241Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }