THREATINT
PUBLISHED

CVE-2025-34053

AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via .cab Path Manipulation



Description

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
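The flawed check described above, next to a stricter one, as an added example (this is not AVTECH's firmware code; the function names and sample URLs are hypothetical and constructed for illustration):

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Pattern from the description: ".cab" anywhere in the URL counts as a
 * .cab request, so the query string alone can satisfy the check. */
static bool is_cab_request_flawed(const char *url)
{
    return strstr(url, ".cab") != NULL;
}

/* Stricter check: look only at the path (cut at '?' or '#'), refuse any
 * ".." sequence, and require the path to END in ".cab". */
static bool is_cab_request_strict(const char *url)
{
    static const char ext[] = ".cab";
    const size_t ext_len = sizeof(ext) - 1;
    const size_t path_len = strcspn(url, "?#");

    if (path_len <= ext_len)
        return false;
    for (size_t i = 0; i + 1 < path_len; i++)
        if (url[i] == '.' && url[i + 1] == '.')
            return false;
    return memcmp(url + path_len - ext_len, ext, ext_len) == 0;
}

/* Authentication is skipped only for requests the classifier accepts. */
static bool requires_auth(const char *url, bool (*is_cab)(const char *))
{
    return !is_cab(url);
}

int main(void)
{
    /* Constructed sample URLs, not taken from any device. */
    const char *urls[] = {
        "/plugin/viewer.cab",
        "/protected/settings?note=.cab",
        "/protected/.cab/settings",
        "/plugin/../protected/x.cab",
    };
    for (size_t i = 0; i < sizeof(urls) / sizeof(urls[0]); i++)
        printf("%-32s flawed: auth=%d  strict: auth=%d\n", urls[i],
               requires_auth(urls[i], is_cab_request_flawed),
               requires_auth(urls[i], is_cab_request_strict));
    return 0;
}
```

An exact-match allow-list of the static files that may be served without a session is tighter still than any suffix test.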

Reserved 2025-04-15 | Published 2025-07-01 | Updated 2025-07-01 | Assigner VulnCheck


MEDIUM: 6.9 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-290 Authentication Bypass by Spoofing

Product status

Default status
unaffected

1000-1000-1000-1000
affected

1000C-1000C-1000C-1000C
affected

1001-1000-1000-1000
affected

1001-1001-1000-1000
affected

1002-1000-1000-1000
affected

1002-1002-1000-1002
affected

1002D-1000D-1000D-1000D
affected

1003-1000-1000-1001
affected

1003-1001-1001-1000
affected

1003-1002-1001-1000
affected

1004-1000-1000-1000
affected

1004-1001-1001-1001
affected

1004-1003-1001-1002
affected

1004-1003-1002-1001
affected

1004A-1001A-1002A-1000A
affected

1005-1002-1001-1002
affected

1005-1003-1001-1002
affected

1005-1004-1002-1001
affected

1005A-1001A-1002A-1001A
affected

1005D-1001D-1002D-1001D
affected

1006-1002-1001-1002
affected

1006-1004-1003-1001
affected

1007-1001-1003-1001
affected

1007-1001-1004-1003
affected

1007-1002-1001-1003
affected

1007-1002-1003-1002
affected

1007-1004-1003-1001
affected

1008-1001-1003-1002
affected

1008-1004-1004-1001
affected

1008D-1003D-1004D-1002D
affected

1008J-1004J-1004J-1001J
affected

1009-1001-1004-1001
affected

1009-1002-1005-1003
affected

1009-1003-1005-1002
affected

1010-1001-1004-1001
affected

1010-1001-1004-1002
affected

1010-1003-1005-1002
affected

1010-1003-1006-1003
affected

1010-1003-1006-1004
affected

1010-1004-1007-1001
affected

1010J-1001J-1004J-1001J
affected

1010N-1003N-1005N-1002N
affected

1011-1001-1002A-1002
affected

1011-1001-1002D-1002
affected

1011-1001-1003-1002
affected

1011-1001-1004-1002
affected

1011-1001-1005-1002
affected

1011-1004-1005-1002
affected

1012-1001-1005-1002
affected

1012-1001-1005-1003
affected

1012-1001-1005PO-1002
affected

1012-1003-1007-1002
affected

1012-1003-1007-1004
affected

1013-1001-1005-1003
affected

1013-1002-1006-1002
affected

1013-1003-1008-1003
affected

1013-1004-1008-1004
affected

1013-1005-1005-1002
affected

1013-1005-1007-1002
affected

1013K-1005K-1007PO-1002K
affected

1014-1002-1006-1002
affected

1014-1002-1006-1003
affected

1014-1003-1008-1003
affected

1014-1005-1008-1002
affected

1014B-1002B-1006B-1002B
affected

1015-1001-1006-1003
affected

1015-1002-1006-1003
affected

1015-1002-1007-1002
affected

1015-1003-1008-1003
affected

1015-1005-1009-1004
affected

1015-1006-1004-1002
affected

1015-1006-1005-1002
affected

1015-1006-1008-1002
affected

1015C-1004C-1003C-1005C
affected

1015K-1006K-1008PO-1002K
affected

1016-1002-1007-1002
affected

1016-1006-1013-1002
affected

1016-1007-1009-1003
affected

1016-1007-1011-1003
affected

1017-1002-1007-1003
affected

1017-1003-1007-1003
affected

1017-1003-1009-1003
affected

1017-1005-1004-1005
affected

1017-1006-1013-1002
affected

1017-1013-1014-1005
affected

1018-1003-1005-1004
affected

1018-1003-1008-1003
affected

1018-1003-1008-1004
affected

1018-1003-1008PO-1003
affected

1018-1004-1005-1005
affected

1018-1007-1009-1003
affected

1018-1012-1011-1010
affected

1019-1004-1006-1005
affected

1019-1007-1009-1003
affected

1020-1003-1008-1003
affected

1020-1003-1008-1004
affected

1020-1004-1007-1006
affected

1020-1007-1008-1003
affected

1020-1007-1009-1003
affected

1021-1003-1008-1003
affected

1021-1003-1008-1004
affected

1021-1005-1006-1005
affected

1021-1005-1008-1006
affected

1021-1006-1015-1002
affected

1021-1007-1010-1003
affected

1022-1005-1007-1005
affected

1022-1005-1009-1007
affected

1022-1006-1015-1002
affected

1022-1013-1014-1010
affected

1022-1014-1016-1002-FFFF
affected

1022Y-1014Y-1016Y-1002Y-FFFF
affected

1023-1005-1008-1006
affected

1023-1007-1016-1003
affected

1024-1019-1019-1007
affected

1025-1006-1010-1007
affected

1025-1017-1017-1011
affected

1027-1007-1019-1003
affected

1027-1021-1021-1008
affected

1028-1021-1022-1008
affected

1031-1007-1022-1003
affected

1032-1022-1024-1008
affected

1033-1018-1021-1012
affected

1035-1005-1005-1004
affected

1035-1005-1005-1005
affected

1035-1005-1005-1005P
affected

1035-1007-1024-1003
affected

1035-1024-1025-1008
affected

1036-1005-1006-1005
affected

1036-1007-1024-1003
affected

1036-1014-1016-1016
affected

1037-1024-1027-1008
affected

1037-1025-1027-1008
affected

1038-1021-1024-1012
affected

1038-1021-1024-1012-A5
affected

1038-1025-1028-1008
affected

1039-1005-1008-1004
affected

1039-1005-1008-1005
affected

1039-1014-1017-1016
affected

1039D-1014D-1017D-1016D
affected

1040-1026-1029-1008
affected

1041-1005-1009-1005
affected

1042-1026-1030-1008
affected

1044-1026-1030-1008
affected

1044-1026-1031-1008
affected

1045-1015-1020-1018
affected

1046-1027-1032-1008
affected

1047-1027-1031-1008
affected

1049-1027-1033-1008
affected

1050-1027-1034-1008
affected

1050-1027-1036-1008
affected

1051-1027-1035-1008
affected

1051CZ-1028-1037-1008
affected

1052-1027-1034-1008
affected

1052-1028-1038-1008
affected

1052A-1028-1038A-1008
affected

1054-1027-1036-1008
affected

1054-1028-1036-1008
affected

1055-1028-1036-1008
affected

1056-1028-1037-1008
affected

1058-1028-1039-1008
affected

1062-1028-1041-1008
affected

1065-1029-1043-1008
affected

1068-1029-1043-1008
affected

1069-1029-1043-1008
affected

1071-1029-1044-1008
affected

1077-1017-1035-1007
affected

1077-1017-1035-1007-A6
affected

1077-1017-1035-1007-D4
affected

1077-1017-1035-1007-D705FF
affected

1078-1017-1036-1007
affected

1078-1017-1036-1007-A6
affected

1078-1017-1036-1007-D707FF
affected

1079-1017-1037-1007
affected

1079-1017-1037-1007-D4
affected

1W77-1W17-1W35-1W07-A6
affected

A077-1017-A035-1007
affected

A077-1017-A035-1007-A6
affected

A1035-1024-A1025-1008
affected

A1038-1025-A1028-1008-D4
affected

S681-S681-S681-S681
affected

S749-S749-S749-S749
affected

S818-S818-S818-S818
affected

S820-S820-S820-S820
affected

S823-S823-S823-S823
affected

S914V-S914V-S914V-S914V
affected

S984-S984-S984-S984
affected

Credits

Gergely Eberhardt (SEARCH-LAB.hu) finder

References

www.exploit-db.com/exploits/40500 exploit

avtech.com/ product

web.archive.org/...6-AVTech-devices-multiple-vulnerabilities third-party-advisory technical-description

web.archive.org/...1029201749/https://github.com/ebux/AVTECH exploit

vulncheck.com/...ries/avtech-ipcamera-nvr-dvr-mulitple-vulns third-party-advisory

cve.org (CVE-2025-34053)

nvd.nist.gov (CVE-2025-34053)
