Unauthenticated Arbitrary File Read Vulnerability in LILIN Digital Video Recorder Devices
CVE-2025-34130

8.7 HIGH

Key Information:

Vendor
CVE Published: 16 July 2025

What is CVE-2025-34130?

An unauthenticated arbitrary file read vulnerability exists in LILIN Digital Video Recorder devices, allowing attackers to access sensitive configuration files through the /z/zbin/net_html.cgi endpoint. Exploitation of this vulnerability enables the reading of files like /zconf/service.xml, which can facilitate additional attacks, including potential command injection. The vulnerability has been actively exploited by multiple botnets such as FBot and Moobot, underscoring the critical need for users to update their firmware to secure versions to mitigate these risks. For more information and mitigation steps, refer to the vendor's advisory and third-party sources.

Affected Version(s)

DVR Firmware * < 2.0b60_20200207

References

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

360 Netlab