Command Injection Vulnerability in SystemK NVR 504/508/516 Versions 2.3.5SK.30084998 and Prior

Command Injection Vulnerability in SystemK NVR 504/508/516 Versions 2.3.5SK.30084998 and Prior

CVE-2023-7227 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execute arbitrary commands with root privileges.

Learn more about our Web Application Penetration Testing UK.