CVE-2009-3828

Everfocus EDR1600 - Unauthenticated Authentication Bypass


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3828. PoCs published by Andrea Fabrizi.

AI-analyzed exploit summary: The provided text describes an authentication bypass vulnerability in Everfocus EDSR series DVR firmware but does not include actual exploit code. Instead, it points to an external download link for the exploit, which is a common indicator of suspicious content.

Description

The web interface for Everfocus EDR1600 DVR allows remote attackers to bypass authentication and access live cams via certain vectors.

Exploits (1)

exploitdb SUSPICIOUS VERIFIED
by Andrea Fabrizi · text · webapps · multiple
https://www.exploit-db.com/exploits/10209

Classification: Suspicious 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Theoretical
Target: Everfocus EDSR series firmware 1.4 and older
No auth needed
Prerequisites: Network access to the target DVR
devstral-2 · analyzed Feb 18, 2026

References (5)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507373/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53909
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/59139
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37108
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2009/Oct/293

Scores

EPSS 0.0289
EPSS Percentile 85.1%

Details

CWE: CWE-287
Status: published
Products (1): everfocus/edr1600
Published: Oct 30, 2009
Tracked Since: Feb 18, 2026