Search criteria
5 vulnerabilities by Merit LILIN
CVE-2026-0855 (GCVE-0-2026-0855)
Vulnerability from cvelistv5 – Published: 2026-01-12 06:44 – Updated: 2026-01-16 02:09
VLAI?
Title
Merit LILIN|IP Camera - OS Command Injection
Summary
Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Merit LILIN | P2 |
Affected:
0
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T14:55:10.141147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T14:55:25.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "P2",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P3",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Z7",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P6",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "V1",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPD",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IPR",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "LD",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "LR",
"vendor": "Merit LILIN",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"datePublic": "2026-01-12T06:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"value": "Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T02:09:56.328Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10625-fac5c-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10626-afbe2-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The IPD/IPR/LD/LR models are no longer supported and replacement is recommended. For the remaining affected models, please refer to the official advisory(M00176) to update the firmware.\u003cbr\u003e"
}
],
"value": "The IPD/IPR/LD/LR models are no longer supported and replacement is recommended. For the remaining affected models, please refer to the official advisory(M00176) to update the firmware."
}
],
"source": {
"advisory": "TVN-202601004",
"discovery": "EXTERNAL"
},
"title": "Merit LILIN\uff5cIP Camera - OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2026-0855",
"datePublished": "2026-01-12T06:44:40.227Z",
"dateReserved": "2026-01-12T03:07:26.033Z",
"dateUpdated": "2026-01-16T02:09:56.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0854 (GCVE-0-2026-0854)
Vulnerability from cvelistv5 – Published: 2026-01-12 05:58 – Updated: 2026-01-12 14:56
VLAI?
Title
Merit LILIN|NVR - OS Command Injection
Summary
Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Merit LILIN | DH032 |
Affected:
0 , ≤ 1.0.28.3858
(custom)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0854",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T14:55:41.159581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T14:56:28.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DH032",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.0.28.3858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DVR708",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DVR716",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DVR804",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DVR808",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DVR816",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR100L",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.1.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR200L",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.1.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR400L",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.1.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR1400L",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.1.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR2400L",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "1.1.66",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR3216",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "2.0.74.3921",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR3416",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "2.0.74.3921",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR3416r",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "2.0.74.3921",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR3816",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "2.0.74.3921",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR5832",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "4.0.24.4043",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR5832S",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "4.0.24.4043",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR5104E",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "4.0.24.4078",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR5208E",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "4.0.24.4078",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NVR5416E",
"vendor": "Merit LILIN",
"versions": [
{
"lessThanOrEqual": "4.0.24.4078",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2026-01-12T05:48:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"value": "Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T05:58:52.175Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-10624-6599c-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-10623-4f523-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please refer to the official advisory(M00175) to update the firmware.\u003cbr\u003e"
}
],
"value": "Please refer to the official advisory(M00175) to update the firmware."
}
],
"source": {
"advisory": "TVN-202601003",
"discovery": "EXTERNAL"
},
"title": "Merit LILIN\uff5cNVR - OS Command Injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2026-0854",
"datePublished": "2026-01-12T05:58:52.175Z",
"dateReserved": "2026-01-12T03:07:24.850Z",
"dateUpdated": "2026-01-12T14:56:28.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34132 (GCVE-0-2025-34132)
Vulnerability from cvelistv5 – Published: 2025-07-16 21:26 – Updated: 2025-10-28 13:48 X_Known Exploited Vulnerability
VLAI?
Title
LILIN DVR Command Injection via NTPUpdate in dvr_box
Summary
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Merit LILIN | DVR Firmware |
Affected:
* , < 2.0b60_20200207
(semver)
|
Credits
360 Netlab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T13:38:00.261662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T13:48:22.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DVR Firmware",
"vendor": "Merit LILIN",
"versions": [
{
"lessThan": "2.0b60_20200207",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "360 Netlab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface."
}
],
"value": "A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T20:45:36.324Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day/"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.meritlilin.com/assets/uploads/support/file/M00158-TW.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/lilin-dvr-multiple-vulnerabilities"
},
{
"url": "https://ducklingstudio.blog.fc2.com/blog-entry-400.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "LILIN DVR Command Injection via NTPUpdate in dvr_box",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34132",
"datePublished": "2025-07-16T21:26:51.852Z",
"dateReserved": "2025-04-15T19:15:22.562Z",
"dateUpdated": "2025-10-28T13:48:22.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34130 (GCVE-0-2025-34130)
Vulnerability from cvelistv5 – Published: 2025-07-16 21:26 – Updated: 2025-07-17 13:41 X_Known Exploited Vulnerability
VLAI?
Title
LILIN DVR Arbitrary File Read via net_html.cgi
Summary
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Merit LILIN | DVR Firmware |
Affected:
* , < 2.0b60_20200207
(semver)
|
Credits
360 Netlab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T13:40:34.376179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:41:31.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DVR Firmware",
"vendor": "Merit LILIN",
"versions": [
{
"lessThan": "2.0b60_20200207",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "360 Netlab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot."
}
],
"value": "An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T21:26:44.175Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day/"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.meritlilin.com/assets/uploads/support/file/M00158-TW.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/lilin-dvr-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "LILIN DVR Arbitrary File Read via net_html.cgi",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34130",
"datePublished": "2025-07-16T21:26:42.449Z",
"dateReserved": "2025-04-15T19:15:22.562Z",
"dateUpdated": "2025-07-17T13:41:31.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34129 (GCVE-0-2025-34129)
Vulnerability from cvelistv5 – Published: 2025-07-16 21:26 – Updated: 2025-07-22 14:10 X_Known Exploited Vulnerability
VLAI?
Title
LILIN DVR RCE via Malicious FTP/NTP Configuration
Summary
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Merit LILIN | DVR Firmware |
Affected:
* , < 2.0b60_20200207
(semver)
|
Credits
360 Netlab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T13:42:36.273187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T14:10:50.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DVR Firmware",
"vendor": "Merit LILIN",
"versions": [
{
"lessThan": "2.0b60_20200207",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "360 Netlab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets."
}
],
"value": "A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T14:37:41.462Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day/"
},
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.meritlilin.com/assets/uploads/support/file/M00158-TW.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/lilin-dvr-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "LILIN DVR RCE via Malicious FTP/NTP Configuration",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34129",
"datePublished": "2025-07-16T21:26:32.446Z",
"dateReserved": "2025-04-15T19:15:22.562Z",
"dateUpdated": "2025-07-22T14:10:50.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}