Lilin.Dvr_box.Command.Injection
Description
This indicates an attack attempt against a Command Injection vulnerability in Lilin DVR box.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.
Affected Products
LILIN DHD516A 2.0b1_20191202-JPEG C4 panels
LILIN DHD516A 2.0b1_20180828-RTSP works
LILIN DHD508A 2.0b1_20180828-RTSP works
LILIN DHD504A 2.0b1_20191202-JPEG C4 panels
LILIN DHD504A 2.0b1_20190417-JPEG C4 panels
LILIN DHD316A 2.0b1_20180828
LILIN DHD316A 2.0b1_20171128 C4 Panels
LILIN DHD308A 2.0b1_20180828
LILIN DHD304A 2.0b1_20180828
LILIN DHD204 IP Camera 1.06_20151201
LILIN DHD204A IP Camera 2.0b60_20160223
LILIN DHD204A IP Camera 2.0b60_20161123
LILIN DHD208 IP Camera 2.0b60_20160504
LILIN DHD208A IP Camera 2.0b60_20160223
LILIN DHD208A IP Camera 2.0b60_20161123
LILIN DHD216 IP Camera 2.0b60 20151111
LILIN DHD216A IP Camera 2.0b60_20160223
LILIN DHD216A IP Camera 2.0b60_20161123
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor
https://www.meritlilin.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |