🔐 CVE Alert

CVE-2025-34065

UNKNOWN 0.0

AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.

CWE CWE-290
Vendor avtech
Product ip camera, dvr, and nvr devices
Published Jul 1, 2025
Last Updated Apr 7, 2026
Stay Ahead of the Next One

Get instant alerts for avtech ip camera, dvr, and nvr devices

Be the first to know when new unknown vulnerabilities affecting avtech ip camera, dvr, and nvr devices are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

AVTECH / IP camera, DVR, and NVR Devices
1000-1000-1000-1000 1000C-1000C-1000C-1000C 1001-1000-1000-1000 1001-1001-1000-1000 1002-1000-1000-1000 1002-1002-1000-1002 1002D-1000D-1000D-1000D 1003-1000-1000-1001 1003-1001-1001-1000 1003-1002-1001-1000 1004-1000-1000-1000 1004-1001-1001-1001 1004-1002-1000-1001 1004-1003-1001-1002 1004-1003-1002-1001 1004A-1001A-1002A-1000A 1005-1002-1001-1002 1005-1003-1001-1002 1005-1004-1002-1001 1005A-1001A-1002A-1001A 1005D-1001D-1002D-1001D 1006-1002-1001-1002 1006-1003-1001-1001 1006-1004-1003-1001 1007-1001-1003-1001 1007-1001-1004-1003 1007-1002-1001-1000 1007-1002-1001-1003 1007-1002-1003-1002 1007-1004-1003-1001 1008-1001-1003-1002 1008-1004-1004-1001 1008D-1003D-1004D-1002D 1008J-1004J-1004J-1001J 1009-1001-1004-1001 1009-1002-1005-1003 1009-1003-1001-1003 1009-1003-1005-1002 1010-1001-1004-1001 1010-1001-1004-1002 1010-1003-1005-1002 1010-1003-1006-1003 1010-1003-1006-1004 1010-1004-1007-1001 1010J-1001J-1004J-1001J 1010N-1003N-1005N-1002N 1011-1001-1002A-1002 1011-1001-1002D-1002 1011-1001-1003-1002 1011-1001-1004-1002 1011-1001-1005-1002 1011-1004-1005-1002

References

NVD ↗ CVE.org ↗ EPSS Data ↗
exploit-db.com: https://www.exploit-db.com/exploits/40500 avtech.com: https://avtech.com/ web.archive.org: https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities web.archive.org: https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH vulncheck.com: https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns

Credits

Gergely Eberhardt (SEARCH-LAB.hu)