Digiever｜NVR – OS Command Injection_CVE-2025-10265

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the device.

Basic Information

ID CVE-2025-10265

Source twcert

Published Sep 12, 2025 at 10:15

Affected Product

Vendor Digiever

Product DS-1200

Affected Versions Digiever DS-1200 0
Digiever DS-2100 Pro 0
Digiever DS-2100 Pro+ 0
Digiever DS-2100 UHD 0
Digiever DS-2200 UHD 0
Digiever DS-2200 UHD+ 0
Digiever DS-4200 Pro 0
Digiever DS-4200 Pro+ 0
Digiever DS-4200 UHD 0
Digiever DS-4200 UHD+ 0
Digiever DS-4100-RM 0
Digiever DS-4200-RM Pro+ 0
Digiever DS-4200-RM UHD 0
Digiever DS-8x00-RM Pro+ 0
Digiever DS-8x00-SRM Pro+ 0
Digiever DS-8x00-RM UHD 0
Digiever DS-16x00-RM Pro+ 0
Digiever DS-16x00-RM UHD 0

CWE Classification

CWE-78

References

{
    "lastseen": "",
    "description": "Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the device.",
    "published": "2025-09-12T10:15:46.072Z",
    "modified": "2025-09-12T10:15:46.072Z",
    "type": "cve",
    "title": "Digiever\uff5cNVR - OS Command Injection",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10375-19f1e-1.html\nhttps://www.twcert.org.tw/en/cp-139-10376-a057c-2.html",
    "id": "CVE-2025-10265",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Digiever DS-1200 0\nDigiever DS-2100 Pro 0\nDigiever DS-2100 Pro+ 0\nDigiever DS-2100 UHD 0\nDigiever DS-2200 UHD 0\nDigiever DS-2200 UHD+ 0\nDigiever DS-4200 Pro 0\nDigiever DS-4200 Pro+ 0\nDigiever DS-4200 UHD 0\nDigiever DS-4200 UHD+ 0\nDigiever DS-4100-RM 0\nDigiever DS-4200-RM Pro+ 0\nDigiever DS-4200-RM UHD 0\nDigiever DS-8x00-RM Pro+ 0\nDigiever DS-8x00-SRM Pro+ 0\nDigiever DS-8x00-RM UHD 0\nDigiever DS-16x00-RM Pro+ 0\nDigiever DS-16x00-RM UHD 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DS-1200",
    "version": "0",
    "vendor": "Digiever",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}