CVE-2023-52163

CVSS v3.1

5.9

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Digiever DS-2105 Pro version 3.1.0.71-11

Description The network video recorder firmware for Digiever DS-2105 Pro has a flaw due to missing authorization. Exploitation may allow an attacker to execute arbitrary commands. The issue involves command injection through the

time tzsetup.cgi

API endpoint. This affects products that are no longer supported by the maintainer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

BDU:2025-10935

CVE-2023-52163

Affected Products

Digiever Ds-2105 Pro

CVE-2023-52163

Weakness Enumeration

Related Identifiers

Affected Products

References · 7