CVE-2024-22770
HIGH EXPLOITEDHitron Systems DVR HVR-16781 <4.02 - Info Disclosure
Title source: llmExploitation Summary
CVE-2024-22770 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.
References (1)
Core 1
Core References
Vendor Advisory
http://www.hitron.co.kr/firmware/
Scores
CVSS v3
7.4
EPSS
0.0050
EPSS Percentile
38.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
VulnCheck KEV
2024-01-30
CWE
CWE-20
CWE-798
Status
published
Products (1)
hitron/hvr-16781_firmware
1.03 - 4.03
Published
Jan 23, 2024
Tracked Since
Feb 18, 2026