Command Injection Vulnerability in SystemK NVR 504/508/516 Versions 2.3.5SK.30084998 and Prior
CVE-2023-7227 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execute arbitrary commands with root privileges.
Learn more about our Web Application Penetration Testing UK.