CVE-2025-34056

CRITICAL

AVTECH IP camera - Command Injection

Title source: llm

Description

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can supply input through the pwd or grp parameters, which are directly embedded into system commands without proper sanitation. This allows for the execution of arbitrary shell commands with root privileges.

Exploits (1)

exploitdb WRITEUP

by Gergely Eberhardt · pythonwebappscgi

https://www.exploit-db.com/exploits/40500

View Code ZIP pw:eip

References (5)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/40500

[Various Sources] https://avtech.com/

[Various Sources] https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities

[Various Sources] https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH

[Third Party Advisory] https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns

Scores

CVSS v4 9.4

EPSS 0.0204

EPSS Percentile 83.9%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-20 CWE-78

Status published

Products (1)

AVTECH/IP camera, DVR, and NVR Devices

Published Jul 01, 2025

Tracked Since Feb 18, 2026