CVE-2024-14007

HIGH EXPLOITED

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 <1.3.4 - Auth B...

Title source: llm

Exploitation Summary

CVE-2024-14007 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated remote attacker can invoke privileged administrative query commands without valid credentials. Successful exploitation discloses sensitive information including administrator usernames and passwords in cleartext, network and service configuration, and other device details via commands such as queryBasicCfg, queryUserList, queryEmailCfg, queryPPPoECfg, and queryFTPCfg.

Scores

CVSS v4 8.7
EPSS 0.0067
EPSS Percentile 47.0%
CVSS v4 Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

VulnCheck KEV 2025-11-24
CWE CWE-306
Status published
Products (1) Shenzhen TVT Digital Technology Co., Ltd./NVMS-9000 < 1.3.4
Published Nov 24, 2025
Tracked Since Feb 18, 2026