Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by Digiever
CVE-2025-10265 (GCVE-0-2025-10265)
Vulnerability from cvelistv5 – Published: 2025-09-12 10:15 – Updated: 2025-09-29 17:11
VLAI
Title
Digiever|NVR - OS Command Injection
Summary
Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html | third-party-advisory |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Digiever | DS-1200 |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4100-RM |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-SRM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-16x00-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-16x00-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
Date Public
2025-09-12 10:07
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T17:08:11.311569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T17:11:21.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DS-1200",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4100-RM",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-SRM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-09-12T10:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"value": "Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T03:35:36.492Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware version to x.x.x.79 and later\u003cbr\u003e"
}
],
"value": "Update firmware version to x.x.x.79 and later"
}
],
"source": {
"advisory": "TVN-202509001",
"discovery": "EXTERNAL"
},
"title": "Digiever\uff5cNVR - OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-10265",
"datePublished": "2025-09-12T10:15:46.072Z",
"dateReserved": "2025-09-11T11:42:43.481Z",
"dateUpdated": "2025-09-29T17:11:21.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10264 (GCVE-0-2025-10264)
Vulnerability from cvelistv5 – Published: 2025-09-12 10:06 – Updated: 2025-09-12 15:52
VLAI
Title
Digiever|NVR - Exposure of Sensitive Information
Summary
Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html | third-party-advisory |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Digiever | DS-1200 |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200 UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200 UHD+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4100-RM |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-SRM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-16x00-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-16x00-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
Date Public
2025-09-12 09:53
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10264",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T15:49:49.277357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:52:40.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DS-1200",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4100-RM",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-SRM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-09-12T09:53:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras."
}
],
"value": "Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T10:06:12.163Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware version to x.x.x.79 and later"
}
],
"value": "Update firmware version to x.x.x.79 and later"
}
],
"source": {
"advisory": "TVN-202509001",
"discovery": "EXTERNAL"
},
"title": "Digiever\uff5cNVR - Exposure of Sensitive Information",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-10264",
"datePublished": "2025-09-12T10:06:12.163Z",
"dateReserved": "2025-09-11T11:42:41.676Z",
"dateUpdated": "2025-09-12T15:52:40.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10265 (GCVE-0-2025-10265)
Vulnerability from nvd – Published: 2025-09-12 10:15 – Updated: 2025-09-29 17:11
VLAI
Title
Digiever|NVR - OS Command Injection
Summary
Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html | third-party-advisory |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Digiever | DS-1200 |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4100-RM |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-SRM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-8x00-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-16x00-RM Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-16x00-RM UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
Date Public
2025-09-12 10:07
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T17:08:11.311569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T17:11:21.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DS-1200",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4100-RM",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-SRM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-09-12T10:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"value": "Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T03:35:36.492Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware version to x.x.x.79 and later\u003cbr\u003e"
}
],
"value": "Update firmware version to x.x.x.79 and later"
}
],
"source": {
"advisory": "TVN-202509001",
"discovery": "EXTERNAL"
},
"title": "Digiever\uff5cNVR - OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-10265",
"datePublished": "2025-09-12T10:15:46.072Z",
"dateReserved": "2025-09-11T11:42:43.481Z",
"dateUpdated": "2025-09-29T17:11:21.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10264 (GCVE-0-2025-10264)
Vulnerability from nvd – Published: 2025-09-12 10:06 – Updated: 2025-09-12 15:52
VLAI
Title
Digiever|NVR - Exposure of Sensitive Information
Summary
Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html | third-party-advisory |
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Digiever | DS-1200 |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 Pro+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2100 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-2200 UHD+ |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro |
Affected:
0 , ≤ *.*.*.78
(custom)
|
|
| Digiever | DS-4200 Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200 UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200 UHD+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4100-RM |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-4200-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-SRM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-8x00-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-16x00-RM Pro+ |
Affected:
0 , ≤ x.x.x.78
(custom)
|
|
| Digiever | DS-16x00-RM UHD |
Affected:
0 , ≤ x.x.x.78
(custom)
|
Date Public
2025-09-12 09:53
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10264",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T15:49:49.277357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:52:40.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DS-1200",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2100 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-2200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "*.*.*.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200 UHD+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4100-RM",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-4200-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-SRM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-8x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM Pro+",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DS-16x00-RM UHD",
"vendor": "Digiever",
"versions": [
{
"lessThanOrEqual": "x.x.x.78",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-09-12T09:53:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras."
}
],
"value": "Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaintext credentials of the NVR and its connected cameras."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T10:06:12.163Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10376-a057c-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update firmware version to x.x.x.79 and later"
}
],
"value": "Update firmware version to x.x.x.79 and later"
}
],
"source": {
"advisory": "TVN-202509001",
"discovery": "EXTERNAL"
},
"title": "Digiever\uff5cNVR - Exposure of Sensitive Information",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2025-10264",
"datePublished": "2025-09-12T10:06:12.163Z",
"dateReserved": "2025-09-11T11:42:41.676Z",
"dateUpdated": "2025-09-12T15:52:40.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}