Redhung Chen

**Name of the Vulnerable Software and Affected Versions** TONNET DVR firmware versions in TAT-76 and TAT-77 series (affected versions not specified) **Description** The issue concerns a misconfigured authentication mechanism in the DVR firmware. This allows attackers to crack the default password and gain access to the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TONNET TAT-76 series (affected versions not specified) TONNET TAT-77 series (affected versions not specified) **Description** The issue concerns the DVR firmware in TAT-76 and TAT-77 series of products, which do not properly verify patch files. This allows attackers to inject a specific command into a patch file, potentially gaining access to the system. **Recommendations** For TONNET TAT-76 series, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For TONNET TAT-77 series, at the moment, there is no information about a newer version that contains a fix for this vulnerability.