virus logo Intrusion Prevention

Lilin.Dvr_box.Command.Injection

description-logoDescription

This indicates an attack attempt against a Command Injection vulnerability in Lilin DVR box.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

LILIN DHD516A 2.0b1_20191202-JPEG C4 panels
LILIN DHD516A 2.0b1_20180828-RTSP works
LILIN DHD508A 2.0b1_20180828-RTSP works
LILIN DHD504A 2.0b1_20191202-JPEG C4 panels
LILIN DHD504A 2.0b1_20190417-JPEG C4 panels
LILIN DHD316A 2.0b1_20180828
LILIN DHD316A 2.0b1_20171128 C4 Panels
LILIN DHD308A 2.0b1_20180828
LILIN DHD304A 2.0b1_20180828
LILIN DHD204 IP Camera 1.06_20151201
LILIN DHD204A IP Camera 2.0b60_20160223
LILIN DHD204A IP Camera 2.0b60_20161123
LILIN DHD208 IP Camera 2.0b60_20160504
LILIN DHD208A IP Camera 2.0b60_20160223
LILIN DHD208A IP Camera 2.0b60_20161123
LILIN DHD216 IP Camera 2.0b60 20151111
LILIN DHD216A IP Camera 2.0b60_20160223
LILIN DHD216A IP Camera 2.0b60_20161123

Impact logoImpact

System Compromise: Remote attacker can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor
https://www.meritlilin.com/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-09-08 18.153 Default_action:pass:drop
2021-08-31 18.149
ID 50700
Created Aug 23, 2021
Updated Jan 31, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Linux
Affected App CGI_app