CVE-2025-34065 (GCVE-0-2025-34065)
Vulnerability from cvelistv5
Published
2025-07-01 14:47
Modified
2025-07-01 18:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AVTECH | IP camera, DVR, and NVR Devices |
Version: 1000-1000-1000-1000 Version: 1000C-1000C-1000C-1000C Version: 1001-1000-1000-1000 Version: 1001-1001-1000-1000 Version: 1002-1000-1000-1000 Version: 1002-1002-1000-1002 Version: 1002D-1000D-1000D-1000D Version: 1003-1000-1000-1001 Version: 1003-1001-1001-1000 Version: 1003-1002-1001-1000 Version: 1004-1000-1000-1000 Version: 1004-1001-1001-1001 Version: 1004-1002-1000-1001 Version: 1004-1003-1001-1002 Version: 1004-1003-1002-1001 Version: 1004A-1001A-1002A-1000A Version: 1005-1002-1001-1002 Version: 1005-1003-1001-1002 Version: 1005-1004-1002-1001 Version: 1005A-1001A-1002A-1001A Version: 1005D-1001D-1002D-1001D Version: 1006-1002-1001-1002 Version: 1006-1003-1001-1001 Version: 1006-1004-1003-1001 Version: 1007-1001-1003-1001 Version: 1007-1001-1004-1003 Version: 1007-1002-1001-1000 Version: 1007-1002-1001-1003 Version: 1007-1002-1003-1002 Version: 1007-1004-1003-1001 Version: 1008-1001-1003-1002 Version: 1008-1004-1004-1001 Version: 1008D-1003D-1004D-1002D Version: 1008J-1004J-1004J-1001J Version: 1009-1001-1004-1001 Version: 1009-1002-1005-1003 Version: 1009-1003-1001-1003 Version: 1009-1003-1005-1002 Version: 1010-1001-1004-1001 Version: 1010-1001-1004-1002 Version: 1010-1003-1005-1002 Version: 1010-1003-1006-1003 Version: 1010-1003-1006-1004 Version: 1010-1004-1007-1001 Version: 1010J-1001J-1004J-1001J Version: 1010N-1003N-1005N-1002N Version: 1011-1001-1002A-1002 Version: 1011-1001-1002D-1002 Version: 1011-1001-1003-1002 Version: 1011-1001-1004-1002 Version: 1011-1001-1005-1002 Version: 1011-1004-1005-1002 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34065",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-01T18:35:32.244766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T18:36:04.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Search.cgi",
"username parameter",
"queryb64str"
],
"product": "IP camera, DVR, and NVR Devices",
"vendor": "AVTECH",
"versions": [
{
"status": "affected",
"version": "1000-1000-1000-1000"
},
{
"status": "affected",
"version": "1000C-1000C-1000C-1000C"
},
{
"status": "affected",
"version": "1001-1000-1000-1000"
},
{
"status": "affected",
"version": "1001-1001-1000-1000"
},
{
"status": "affected",
"version": "1002-1000-1000-1000"
},
{
"status": "affected",
"version": "1002-1002-1000-1002"
},
{
"status": "affected",
"version": "1002D-1000D-1000D-1000D"
},
{
"status": "affected",
"version": "1003-1000-1000-1001"
},
{
"status": "affected",
"version": "1003-1001-1001-1000"
},
{
"status": "affected",
"version": "1003-1002-1001-1000"
},
{
"status": "affected",
"version": "1004-1000-1000-1000"
},
{
"status": "affected",
"version": "1004-1001-1001-1001"
},
{
"status": "affected",
"version": "1004-1002-1000-1001"
},
{
"status": "affected",
"version": "1004-1003-1001-1002"
},
{
"status": "affected",
"version": "1004-1003-1002-1001"
},
{
"status": "affected",
"version": "1004A-1001A-1002A-1000A"
},
{
"status": "affected",
"version": "1005-1002-1001-1002"
},
{
"status": "affected",
"version": "1005-1003-1001-1002"
},
{
"status": "affected",
"version": "1005-1004-1002-1001"
},
{
"status": "affected",
"version": "1005A-1001A-1002A-1001A"
},
{
"status": "affected",
"version": "1005D-1001D-1002D-1001D"
},
{
"status": "affected",
"version": "1006-1002-1001-1002"
},
{
"status": "affected",
"version": "1006-1003-1001-1001"
},
{
"status": "affected",
"version": "1006-1004-1003-1001"
},
{
"status": "affected",
"version": "1007-1001-1003-1001"
},
{
"status": "affected",
"version": "1007-1001-1004-1003"
},
{
"status": "affected",
"version": "1007-1002-1001-1000"
},
{
"status": "affected",
"version": "1007-1002-1001-1003"
},
{
"status": "affected",
"version": "1007-1002-1003-1002"
},
{
"status": "affected",
"version": "1007-1004-1003-1001"
},
{
"status": "affected",
"version": "1008-1001-1003-1002"
},
{
"status": "affected",
"version": "1008-1004-1004-1001"
},
{
"status": "affected",
"version": "1008D-1003D-1004D-1002D"
},
{
"status": "affected",
"version": "1008J-1004J-1004J-1001J"
},
{
"status": "affected",
"version": "1009-1001-1004-1001"
},
{
"status": "affected",
"version": "1009-1002-1005-1003"
},
{
"status": "affected",
"version": "1009-1003-1001-1003"
},
{
"status": "affected",
"version": "1009-1003-1005-1002"
},
{
"status": "affected",
"version": "1010-1001-1004-1001"
},
{
"status": "affected",
"version": "1010-1001-1004-1002"
},
{
"status": "affected",
"version": "1010-1003-1005-1002"
},
{
"status": "affected",
"version": "1010-1003-1006-1003"
},
{
"status": "affected",
"version": "1010-1003-1006-1004"
},
{
"status": "affected",
"version": "1010-1004-1007-1001"
},
{
"status": "affected",
"version": "1010J-1001J-1004J-1001J"
},
{
"status": "affected",
"version": "1010N-1003N-1005N-1002N"
},
{
"status": "affected",
"version": "1011-1001-1002A-1002"
},
{
"status": "affected",
"version": "1011-1001-1002D-1002"
},
{
"status": "affected",
"version": "1011-1001-1003-1002"
},
{
"status": "affected",
"version": "1011-1001-1004-1002"
},
{
"status": "affected",
"version": "1011-1001-1005-1002"
},
{
"status": "affected",
"version": "1011-1004-1005-1002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gergely Eberhardt (SEARCH-LAB.hu)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
}
],
"value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T14:47:23.621Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/40500"
},
{
"tags": [
"product"
],
"url": "https://avtech.com/"
},
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
},
{
"tags": [
"exploit"
],
"url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34065",
"datePublished": "2025-07-01T14:47:23.621Z",
"dateReserved": "2025-04-15T19:15:22.549Z",
"dateUpdated": "2025-07-01T18:36:04.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-34065\",\"sourceIdentifier\":\"disclosure@vulncheck.com\",\"published\":\"2025-07-01T15:15:25.187\",\"lastModified\":\"2025-07-03T15:14:12.767\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \\\"/nobody\\\" in the URL, bypassing login controls.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el servidor web Streamd de AVTECH IP camera, DVR, y NVR. La funci\u00f3n strstr() permite el acceso no autenticado a cualquier solicitud que contenga \\\"/nobody\\\" en la URL, omitiendo as\u00ed los controles de inicio de sesi\u00f3n.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"references\":[{\"url\":\"https://avtech.com/\",\"source\":\"disclosure@vulncheck.com\"},{\"url\":\"https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns\",\"source\":\"disclosure@vulncheck.com\"},{\"url\":\"https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH\",\"source\":\"disclosure@vulncheck.com\"},{\"url\":\"https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities\",\"source\":\"disclosure@vulncheck.com\"},{\"url\":\"https://www.exploit-db.com/exploits/40500\",\"source\":\"disclosure@vulncheck.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-34065\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-01T18:35:32.244766Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-01T18:35:58.115Z\"}}], \"cna\": {\"title\": \"AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Gergely Eberhardt (SEARCH-LAB.hu)\"}], \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}, {\"capecId\": \"CAPEC-137\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-137 Parameter Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AVTECH\", \"modules\": [\"Search.cgi\", \"username parameter\", \"queryb64str\"], \"product\": \"IP camera, DVR, and NVR Devices\", \"versions\": [{\"status\": \"affected\", \"version\": \"1000-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1000C-1000C-1000C-1000C\"}, {\"status\": \"affected\", \"version\": \"1001-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1001-1001-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1002-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1002-1002-1000-1002\"}, {\"status\": \"affected\", \"version\": \"1002D-1000D-1000D-1000D\"}, {\"status\": \"affected\", \"version\": \"1003-1000-1000-1001\"}, {\"status\": \"affected\", \"version\": \"1003-1001-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1003-1002-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1004-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1004-1001-1001-1001\"}, {\"status\": \"affected\", \"version\": \"1004-1002-1000-1001\"}, {\"status\": \"affected\", \"version\": \"1004-1003-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1004-1003-1002-1001\"}, {\"status\": \"affected\", \"version\": \"1004A-1001A-1002A-1000A\"}, {\"status\": \"affected\", \"version\": \"1005-1002-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1005-1003-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1005-1004-1002-1001\"}, {\"status\": \"affected\", \"version\": \"1005A-1001A-1002A-1001A\"}, {\"status\": \"affected\", \"version\": \"1005D-1001D-1002D-1001D\"}, {\"status\": \"affected\", \"version\": \"1006-1002-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1006-1003-1001-1001\"}, {\"status\": \"affected\", \"version\": \"1006-1004-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1007-1001-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1007-1001-1004-1003\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1001-1003\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1007-1004-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1008-1001-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1008-1004-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1008D-1003D-1004D-1002D\"}, {\"status\": \"affected\", \"version\": \"1008J-1004J-1004J-1001J\"}, {\"status\": \"affected\", \"version\": \"1009-1001-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1009-1002-1005-1003\"}, {\"status\": \"affected\", \"version\": \"1009-1003-1001-1003\"}, {\"status\": \"affected\", \"version\": \"1009-1003-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1001-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1010-1001-1004-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1006-1003\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1006-1004\"}, {\"status\": \"affected\", \"version\": \"1010-1004-1007-1001\"}, {\"status\": \"affected\", \"version\": \"1010J-1001J-1004J-1001J\"}, {\"status\": \"affected\", \"version\": \"1010N-1003N-1005N-1002N\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1002A-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1002D-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1004-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1004-1005-1002\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40500\", \"tags\": [\"exploit\"]}, {\"url\": \"https://avtech.com/\", \"tags\": [\"product\"]}, {\"url\": \"https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities\", \"tags\": [\"third-party-advisory\", \"technical-description\"]}, {\"url\": \"https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH\", \"tags\": [\"exploit\"]}, {\"url\": \"https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \\\"/nobody\\\" in the URL, bypassing login controls.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \\\"/nobody\\\" in the URL, bypassing login controls.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"shortName\": \"VulnCheck\", \"dateUpdated\": \"2025-07-01T14:47:23.621Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-34065\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-01T18:36:04.496Z\", \"dateReserved\": \"2025-04-15T19:15:22.549Z\", \"assignerOrgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"datePublished\": \"2025-07-01T14:47:23.621Z\", \"assignerShortName\": \"VulnCheck\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…