CVE-2020-3924

Summary

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.

Affected Software

VendorProductVersion RangeStatus
TONNETDVR0 <= 20191216affected
TONNETDVR0 <= 20200213affected

Weaknesses

  • Firmware Injection

ADP Enrichment

CVE Program Container

Additional References

References