Xiongmaitech Mbd6304T Firmware vulnerabilities
2 known vulnerabilities affecting xiongmaitech/mbd6304t_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2022-45045P2HIGHCVSS 8.8Exploitedv4.02.r11.00000117.10001.131900.000002022-12-01
CVE-2022-45045 [HIGH] CWE-78 CVE-2022-45045: Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credential
nvd
CVE-2022-45460P2CRITICALCVSS 9.8v4.02.r11.00000117.10001.131900.000002023-03-28
CVE-2022-45460 [CRITICAL] CVE-2022-45460: Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a system reboot. An unauthenticated and remote attacker can execute arbitrary code by sending
nvd