CVE-2021-41419
CRITICAL EXPLOITED NUCLEIQvis Dvr Firmware < 2021-12-13 - Insecure Deserialization
Title source: ruleDescription
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization.
Nuclei Templates (1)
QVIS NVR/DVR - Remote Code Execution
CRITICALVERIFIEDby me9187
Scores
CVSS v3
9.8
EPSS
0.7239
EPSS Percentile
98.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitation Intel
VulnCheck KEV
2026-02-01
Classification
CWE
CWE-502
Status
published
Affected Products (2)
qvis/dvr_firmware
< 2021-12-13
qvis/nvr_firmware
< 2021-12-13
Timeline
Published
Jul 18, 2022
Tracked Since
Feb 18, 2026