CVE-2025-34129
BaseFortify

Publication date: 2025-07-16

Last updated on: 2025-07-17

Assigner: VulnCheck

Description
A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets.
Meta Information
Published: 2025-07-16
Last Modified: 2025-07-17
Generated: 2026-05-07
AI Q&A: 2025-07-17
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 16 associated CPEs
Vendor Product Version / Range
lilin digital_video_recorder 2.0b1_20191202
lilin digital_video_recorder 2.0b60_20200207
lilin digital_video_recorder *
lilin digital_video_recorder dhd204a
lilin digital_video_recorder dhd216
lilin digital_video_recorder dhd308a
lilin digital_video_recorder dhd516a
lilin digital_video_recorder dhd204
lilin digital_video_recorder dhd304a
lilin digital_video_recorder dhd208a
lilin digital_video_recorder dhd504a
lilin digital_video_recorder dhd508a
lilin digital_video_recorder dhd316a
lilin digital_video_recorder dhd208
lilin digital_video_recorder 1.06_20151201
lilin digital_video_recorder dhd216a
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a command injection flaw in LILIN Digital Video Recorder (DVR) devices before firmware version 2.0b60_20200207. It occurs because the FTP and NTP Server fields in the service configuration do not properly sanitize input. An attacker who can access the configuration interface can upload a malicious XML file containing shell commands injected into these fields. When the device performs configuration synchronization, these commands are executed with elevated privileges, allowing the attacker to run arbitrary commands on the device.


How can this vulnerability impact me?

This vulnerability can allow an attacker with access to the configuration interface to execute arbitrary commands on the affected DVR device with elevated privileges. This can lead to unauthorized control over the device, potential disruption of service, data compromise, or the device being used as part of a botnet, as was seen with exploitation by the Moobot botnets.


What immediate steps should I take to mitigate this vulnerability?

Update the firmware of LILIN Digital Video Recorder (DVR) devices to version 2.0b60_20200207 or later to ensure the vulnerability is patched. Additionally, restrict access to the configuration interface to trusted users only to prevent unauthorized upload of malicious XML files.