CVE-2025-7724

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VIGI NVR1104H-4P versions prior to 1.1.5 Build 250518 VIGI NVR2016H-16MP versions prior to 1.3.1 Build 250407

Description An unauthenticated OS command injection vulnerability exists in VIGI NVR systems.

Recommendations Update VIGI NVR1104H-4P to version 1.1.5 Build 250518 or later. Update VIGI NVR2016H-16MP to version 1.3.1 Build 250407 or later.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

BDU:2025-10685

CVE-2025-7724

Affected Products

Vigi Nvr1104H-4P

Vigi Nvr2016H-16Mp

CVE-2025-7724

Weakness Enumeration

Related Identifiers

Affected Products

References · 13