CVE-2025-34051
AVTECH DVR Devices Server-Side Request Forgery
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP requests from the DVR to internal or external systems, potentially exposing sensitive data or interacting with internal services.
| CWE | CWE-918 CWE-200 |
| Vendor | avtech |
| Product | dvr devices |
| Published | Jul 1, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for avtech dvr devices
Be the first to know when new unknown vulnerabilities affecting avtech dvr devices are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
AVTECH / DVR devices
1001-1000-1000-1000 1001-1000-1001-1001 1002-1000-1002-1001 1002-1001-1001-1001 1004-1002-1001-1000 1004-1002-1003-1000-FFFF 1004V-1002V-1003V-1001V 1004Y-1002Y-1001EJ-1000Y 1004Y-1002Y-1001Y-1000Y 1005-1002-1002-1000 1005-1002-1004-1001 1006-1001-1003-1004 1006-1002-1003-1000 1006Y-1002Y-1003Y-1000Y 1007-1002-1004-1000 1007-1003-1003-1002 1007-1003-1005-1001 1007E-1003E-1005EJ-1001E 1007V-1003V-1005V-1001V 1007Y-1002Y-1004Y-1000Y 1008-1002-1005-1000 1008-1004-1003-1002 1009-1003-1005-1006 1009-1003-1006-1001 1009-1007-1007-1000-FFFF 1009Y-1003Y-1006Y-1001Y 1010-1004-1007-1001 1010-1005-1005-1002 1011-1004-1005-1006 1011-1005-1007-1001 1011-1005-1007EJ-1001 1011-1005-1008-1002 1012-1004-1005-1006 1012-1005-1007-1002 1012-1006-1007-1001 1012-1008-1009-1000-FFFF 1014-1005-1009-1002 1014-1007-1009-1001 1014-1010-1010-1000-FFFF 1014Y-1007Y-1009Y-1001Y 1015-1006-1010-1003 1015-1007-1007-1007 1015-1007-1010-1001 1015-1010-1011-1000-FFFF 1015Y-1007Y-1010Y-1001Y 1016-1007-1005-1001 1016-1007-1011-1001 1016-1007-1011-1003 1016-1008-1007-1007 1016Y-1007Y-1011Y-1001Y 1017-1008-1012-1002 1017-1009-1008-1008 1017-1011-1013-1001-FFFF 1017f-1011f-1013f-1001f-FFFF 1017Y-1008Y-1012Y-1002Y 1018-1008-1012-1004 1019-1009-1013-1003 1019-1010-1009-1009 1019c-1012c-1014c-1001c-FFFF 1021-1011-1010-1009 1022-1012-1011-1009 1022-1014-1016-1002-FFFF 1022Y-1014Y-1016Y-1002Y-FFFF 1023-1013-1011-1009 1023-1014-1017-1002-FFFF 1025-1014-1013-1009 1026-1014-1014-1009 1027-1014-1015-1009 S968-S968-S968-S968 V171P-V171P-V171P-V171P V189-V189-V189-V189
References
exploit-db.com: https://www.exploit-db.com/exploits/40500 avtech.com: https://avtech.com/ web.archive.org: https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities web.archive.org: https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH vulncheck.com: https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns
Credits
Gergely Eberhardt (SEARCH-LAB.hu)