Headline
CVE-2021-41506: GitHub - Snawoot/hisilicon-dvr-telnet: PoC materials for article https://habr.com/en/post/486856/
Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R11.Nat.20170301, V4.02.R12.Nat.OnvifS.20170727 is affected by a backdoor in the macGuarder and dvrHelper binaries of DVR/NVR/IP camera firmware due to static root account credentials in the system.
master
Switch branches/tags
1 branch 0 tags
Code
Latest commit
Snawoot update readme
82b0a92
Aug 9, 2020
update readme
82b0a92
Git stats
- 4 commits
Files
Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.gitignore
update gitignore
Feb 4, 2020
LICENSE
Initial commit
Feb 4, 2020
Makefile
upload
Feb 4, 2020
README.md
update readme
Aug 9, 2020
hs-dvr-telnet.c
upload
Feb 4, 2020
README.md
hisilicon-dvr-telnet
PoC materials for article https://habr.com/en/post/486856/
❤️ ❤️ ❤️
You can say thanks to the author by donations to these wallets:
- ETH: 0xB71250010e8beC90C5f9ddF408251eBA9dD7320e
- BTC:
- Legacy: 1N89PRvG1CSsUk9sxKwBwudN6TjTPQ1N8a
- Segwit: bc1qc0hcyxc000qf0ketv4r44ld7dlgmmu73rtlntw
Related news
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.