PT-2024-20117 · Hitron Systems · Hitron Systems Dvr Lguvr-16H
Published
2024-01-22
·
Updated
2025-12-31
·
CVE-2024-23842
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Hitron Systems DVR LGUVR-16H versions 1.02 through 4.02
Description
The issue is related to improper input validation, which allows an attacker to cause a network attack if the default admin ID and password are used.
Recommendations
For versions 1.02 through 4.02, change the default admin ID and password to prevent potential network attacks.
As a temporary workaround, consider restricting access to the device until a patch is available.
Avoid using the default admin ID and password in the affected device until the issue is resolved.
Fix
Using Hardcoded Credentials
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hitron Systems Dvr Lguvr-16H