Uky

**Name of the Vulnerable Software and Affected Versions** Xiongmai DVR/NVR devices versions 4.03.R11 Xiongmai AHB7008T-MH-V2 Xiongmai NBD7024H-P **Description** A root OS command injection can occur through the use of shell metacharacters in the `HostName` value. This occurs via an authenticated DVRIP protocol (TCP port 34567) request to the NetWork.NetCommon configuration handler. The `system()` function is used, which allows for the execution of arbitrary commands. **Recommendations** For Xiongmai DVR/NVR devices version 4.03.R11, avoid using shell metacharacters in the `HostName` value. For Xiongmai AHB7008T-MH-V2, avoid using shell metacharacters in the `HostName` value. For Xiongmai NBD7024H-P, avoid using shell metacharacters in the `HostName` value.