Remote Code Execution Vulnerability in Digital Video Recorders
CVE-2024-43778

Currently unrated

Key Information:

Vendor: Takenaka Engineering Co., Ltd.
Status: Hdvr-400; Hdvr-800; Hdvr-1600; Ahd04t-a
Vendor: CVE Published:; 18 September 2024

What is CVE-2024-43778?

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Affected Version(s)

AHD04T-A prior to 7xx10.1.900055.65

AHD08T-A prior to 7xx10.1.900055.65

AHD16T-A prior to 7xx10.1.900055.65

References

https://www.takex-eng.co.jp/ja/news/news.php?s=68

https://jvn.jp/en/vu/JVNVU90142679/

Timeline

Vulnerability published
Sep 18, 2024
Vulnerability Reserved
Sep 17, 2024

Takenaka Engineering Co., Ltd.

What is CVE-2024-43778?

Affected Version(s)

References

Timeline