CVE-2024-43778

None

Description

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

INFO

Published Date :

2024-09-18T06:14:02.040Z

Last Modified :

2024-09-18T14:57:29.697Z

Source :

jpcert

AFFECTED PRODUCTS

The following products are affected by CVE-2024-43778 vulnerability.

Vendors	Products
Takenaka Engineering	Ahd04t-a Firmware Ahd08t-a Firmware Ahd16t-a Firmware Hdvr-1600 Firmware Hdvr-400 Firmware Hdvr-800 Firmware Nvr04t-a Firmware Nvr08t-a Firmware Nvr16t-a Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-43778.

URL	Resource
https://jvn.jp/en/vu/JVNVU90142679/
https://www.takex-eng.co.jp/ja/news/news.php?s=68

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact