CVE-2024-47001

Summary

Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Affected Software

VendorProductVersion RangeStatus
TAKENAKA ENGINEERING CO., LTD.HDVR-400prior to 46110.1.100869.65affected
TAKENAKA ENGINEERING CO., LTD.HDVR-800prior to 53210.1.900103.65affected
TAKENAKA ENGINEERING CO., LTD.HDVR-1600prior to 53310.1.900111.65affected
TAKENAKA ENGINEERING CO., LTD.AHD04T-Aprior to 7xx10.1.900055.65affected
TAKENAKA ENGINEERING CO., LTD.AHD08T-Aprior to 7xx10.1.900055.65affected
TAKENAKA ENGINEERING CO., LTD.AHD16T-Aprior to 7xx10.1.900055.65affected
TAKENAKA ENGINEERING CO., LTD.NVR04T-Aprior to 56x10.1.100540.65affected
TAKENAKA ENGINEERING CO., LTD.NVR08T-Aprior to 56x10.1.100540.65affected
TAKENAKA ENGINEERING CO., LTD.NVR16T-Aprior to 49310.1.100540.65affected

Weaknesses

  • Hidden functionality

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References