CVE-2018-9995
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
Affected products
n/a · n/a
Public PoCs found — 28
github: github.com/ezelf/CVE-2018-9995_dvr_credentials (★ 555)
github: github.com/Cyb0r9/DVR-Exploiter (★ 113)
github: github.com/0xDamian/CVE-2018-9995-rs (★ 97)
github: github.com/X3RX3SSec/DVR_Sploit (★ 11)
github: github.com/K3ysTr0K3R/CVE-2018-9995-EXPLOIT (★ 9)
github: github.com/zzh217/CVE-2018-9995_Batch_scanning_exp (★ 4)
github: github.com/kienquoc102/CVE-2018-9995-2 (★ 4)
github: github.com/wmasday/HTC (★ 3)
github: github.com/codeholic2k18/CVE-2018-9995 (★ 2)
github: github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs (★ 2)
github: github.com/Huangkey/CVE-2018-9995_check (★ 2)
github: github.com/Saeed22487/CVE-2018-9995 (★ 1)
github: github.com/mesutozsoycom/cve-2018-9995 (★ 1)
github: github.com/MrAli-Code/CVE-2018-9995_dvr_credentials (★ 1)
github: github.com/b510/CVE-2018-9995-POC (★ 1)
github: github.com/awesome-consumer-iot/HTC (★ 1)
github: github.com/ST0PL/DVRFaultNET (★ 1)
github: github.com/dearpan/cve-2018-9995 (★ 0)
github: github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs (★ 0)
github: github.com/LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995 (★ 0)
github: github.com/likaifeng0/CVE-2018-9995_dvr_credentials-dev_tool (★ 0)
github: github.com/arminarab1999/CVE-2018-9995 (★ 0)
github: github.com/ABIZCHI/CVE-2018-9995_dvr_credentials (★ 0)
github: github.com/batmoshka55/CVE-2018-9995_dvr_credentials (★ 0)
github: github.com/dego905/Cam (★ 0)
github: github.com/A-Alabdoo/CVE-DVr (★ 0)
cve_reference: www.exploit-db.com/exploits/44577/ (unverified)
exploitdb: www.exploit-db.com/exploits/44577 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html
http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html
https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/
https://www.exploit-db.com/exploits/44577/