CVE-2025-6561

Name of the Vulnerable Software and Affected Versions: Hunt Electronic Hybrid DVR models (HBF-09KD and HBF-16NK)

Description: The issue allows unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. This is an Exposure of Sensitive Information vulnerability.

Recommendations: For HBF-09KD and HBF-16NK models, consider restricting access to the system configuration file until a patch is available. As a temporary workaround, avoid using plaintext administrator credentials in the affected system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.