Command Injection Vulnerability in LILIN Digital Video Recorder Devices
CVE-2025-34129

8.7HIGH

Key Information:

Vendor

Merit Lilin

Status
Dvr Firmware
Vendor
CVE Published:
16 July 2025

What is CVE-2025-34129?

A command injection flaw has been detected in LILIN Digital Video Recorder (DVR) devices due to inadequate input validation in the FTP and NTP Server configuration fields. This vulnerability allows an attacker with access to the device's configuration interface to upload a malicious XML file containing malicious shell commands. These commands are subsequently executed with elevated permissions during configuration synchronizations, leading to a compromise of system integrity. The Moobot botnets have been identified as a group actively exploiting this vulnerability in the wild.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

DVR Firmware * < 2.0b60_20200207

References

https://blog.netlab.360.com/multiple-botnets-are-spreadin...
third-party-advisorytechnical-description
https://www.meritlilin.com/assets/uploads/support/file/M0...
vendor-advisorypatch
https://www.vulncheck.com/advisories/lilin-dvr-multiple-v...
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

360 Netlab
JSON
.