CVE-2024-7339

Name of the Vulnerable Software and Affected Versions TVT DVR TD-2104TS-CL (affected versions not specified) DVR TD-2108TS-HP (affected versions not specified) Provision-ISR DVR SH-4050A5-5L(MM) (affected versions not specified) AVISION DVR AV108T (affected versions not specified) TD-2116TE-HP (affected versions not specified) SH-8100A-2L(MM) (affected versions not specified)

Description The issue is related to a lack of protection for service data in hybrid HD video recorders, which can be exploited remotely to disclose protected information. The vulnerability affects the /queryDevInfo file and may lead to sensitive data exposure. The exploit has been disclosed to the public and can be used.

Recommendations For TVT DVR TD-2104TS-CL, consider applying restrictive firewalling immediately to minimize the risk of exploitation. For DVR TD-2108TS-HP, consider applying restrictive firewalling immediately to minimize the risk of exploitation. For Provision-ISR DVR SH-4050A5-5L(MM), consider applying restrictive firewalling immediately to minimize the risk of exploitation. For AVISION DVR AV108T, consider applying restrictive firewalling immediately to minimize the risk of exploitation. For TD-2116TE-HP, consider applying restrictive firewalling immediately to minimize the risk of exploitation. For SH-8100A-2L(MM), consider applying restrictive firewalling immediately to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.