CVE-2025-34065 (GCVE-0-2025-34065)
Vulnerability from cvelistv5
Published
2025-07-01 14:47
Modified
2025-07-01 18:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AVTECH | IP camera, DVR, and NVR Devices |
Version: 1000-1000-1000-1000 Version: 1000C-1000C-1000C-1000C Version: 1001-1000-1000-1000 Version: 1001-1001-1000-1000 Version: 1002-1000-1000-1000 Version: 1002-1002-1000-1002 Version: 1002D-1000D-1000D-1000D Version: 1003-1000-1000-1001 Version: 1003-1001-1001-1000 Version: 1003-1002-1001-1000 Version: 1004-1000-1000-1000 Version: 1004-1001-1001-1001 Version: 1004-1002-1000-1001 Version: 1004-1003-1001-1002 Version: 1004-1003-1002-1001 Version: 1004A-1001A-1002A-1000A Version: 1005-1002-1001-1002 Version: 1005-1003-1001-1002 Version: 1005-1004-1002-1001 Version: 1005A-1001A-1002A-1001A Version: 1005D-1001D-1002D-1001D Version: 1006-1002-1001-1002 Version: 1006-1003-1001-1001 Version: 1006-1004-1003-1001 Version: 1007-1001-1003-1001 Version: 1007-1001-1004-1003 Version: 1007-1002-1001-1000 Version: 1007-1002-1001-1003 Version: 1007-1002-1003-1002 Version: 1007-1004-1003-1001 Version: 1008-1001-1003-1002 Version: 1008-1004-1004-1001 Version: 1008D-1003D-1004D-1002D Version: 1008J-1004J-1004J-1001J Version: 1009-1001-1004-1001 Version: 1009-1002-1005-1003 Version: 1009-1003-1001-1003 Version: 1009-1003-1005-1002 Version: 1010-1001-1004-1001 Version: 1010-1001-1004-1002 Version: 1010-1003-1005-1002 Version: 1010-1003-1006-1003 Version: 1010-1003-1006-1004 Version: 1010-1004-1007-1001 Version: 1010J-1001J-1004J-1001J Version: 1010N-1003N-1005N-1002N Version: 1011-1001-1002A-1002 Version: 1011-1001-1002D-1002 Version: 1011-1001-1003-1002 Version: 1011-1001-1004-1002 Version: 1011-1001-1005-1002 Version: 1011-1004-1005-1002 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34065",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-01T18:35:32.244766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T18:36:04.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Search.cgi",
"username parameter",
"queryb64str"
],
"product": "IP camera, DVR, and NVR Devices",
"vendor": "AVTECH",
"versions": [
{
"status": "affected",
"version": "1000-1000-1000-1000"
},
{
"status": "affected",
"version": "1000C-1000C-1000C-1000C"
},
{
"status": "affected",
"version": "1001-1000-1000-1000"
},
{
"status": "affected",
"version": "1001-1001-1000-1000"
},
{
"status": "affected",
"version": "1002-1000-1000-1000"
},
{
"status": "affected",
"version": "1002-1002-1000-1002"
},
{
"status": "affected",
"version": "1002D-1000D-1000D-1000D"
},
{
"status": "affected",
"version": "1003-1000-1000-1001"
},
{
"status": "affected",
"version": "1003-1001-1001-1000"
},
{
"status": "affected",
"version": "1003-1002-1001-1000"
},
{
"status": "affected",
"version": "1004-1000-1000-1000"
},
{
"status": "affected",
"version": "1004-1001-1001-1001"
},
{
"status": "affected",
"version": "1004-1002-1000-1001"
},
{
"status": "affected",
"version": "1004-1003-1001-1002"
},
{
"status": "affected",
"version": "1004-1003-1002-1001"
},
{
"status": "affected",
"version": "1004A-1001A-1002A-1000A"
},
{
"status": "affected",
"version": "1005-1002-1001-1002"
},
{
"status": "affected",
"version": "1005-1003-1001-1002"
},
{
"status": "affected",
"version": "1005-1004-1002-1001"
},
{
"status": "affected",
"version": "1005A-1001A-1002A-1001A"
},
{
"status": "affected",
"version": "1005D-1001D-1002D-1001D"
},
{
"status": "affected",
"version": "1006-1002-1001-1002"
},
{
"status": "affected",
"version": "1006-1003-1001-1001"
},
{
"status": "affected",
"version": "1006-1004-1003-1001"
},
{
"status": "affected",
"version": "1007-1001-1003-1001"
},
{
"status": "affected",
"version": "1007-1001-1004-1003"
},
{
"status": "affected",
"version": "1007-1002-1001-1000"
},
{
"status": "affected",
"version": "1007-1002-1001-1003"
},
{
"status": "affected",
"version": "1007-1002-1003-1002"
},
{
"status": "affected",
"version": "1007-1004-1003-1001"
},
{
"status": "affected",
"version": "1008-1001-1003-1002"
},
{
"status": "affected",
"version": "1008-1004-1004-1001"
},
{
"status": "affected",
"version": "1008D-1003D-1004D-1002D"
},
{
"status": "affected",
"version": "1008J-1004J-1004J-1001J"
},
{
"status": "affected",
"version": "1009-1001-1004-1001"
},
{
"status": "affected",
"version": "1009-1002-1005-1003"
},
{
"status": "affected",
"version": "1009-1003-1001-1003"
},
{
"status": "affected",
"version": "1009-1003-1005-1002"
},
{
"status": "affected",
"version": "1010-1001-1004-1001"
},
{
"status": "affected",
"version": "1010-1001-1004-1002"
},
{
"status": "affected",
"version": "1010-1003-1005-1002"
},
{
"status": "affected",
"version": "1010-1003-1006-1003"
},
{
"status": "affected",
"version": "1010-1003-1006-1004"
},
{
"status": "affected",
"version": "1010-1004-1007-1001"
},
{
"status": "affected",
"version": "1010J-1001J-1004J-1001J"
},
{
"status": "affected",
"version": "1010N-1003N-1005N-1002N"
},
{
"status": "affected",
"version": "1011-1001-1002A-1002"
},
{
"status": "affected",
"version": "1011-1001-1002D-1002"
},
{
"status": "affected",
"version": "1011-1001-1003-1002"
},
{
"status": "affected",
"version": "1011-1001-1004-1002"
},
{
"status": "affected",
"version": "1011-1001-1005-1002"
},
{
"status": "affected",
"version": "1011-1004-1005-1002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gergely Eberhardt (SEARCH-LAB.hu)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
}
],
"value": "An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \"/nobody\" in the URL, bypassing login controls."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T14:47:23.621Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/40500"
},
{
"tags": [
"product"
],
"url": "https://avtech.com/"
},
{
"tags": [
"third-party-advisory",
"technical-description"
],
"url": "https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities"
},
{
"tags": [
"exploit"
],
"url": "https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34065",
"datePublished": "2025-07-01T14:47:23.621Z",
"dateReserved": "2025-04-15T19:15:22.549Z",
"dateUpdated": "2025-07-01T18:36:04.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-34065\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-01T18:35:32.244766Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-01T18:35:58.115Z\"}}], \"cna\": {\"title\": \"AVTECH IP camera, DVR, and NVR Devices Authentication Bypass via /nobody URL Path\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Gergely Eberhardt (SEARCH-LAB.hu)\"}], \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}, {\"capecId\": \"CAPEC-137\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-137 Parameter Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AVTECH\", \"modules\": [\"Search.cgi\", \"username parameter\", \"queryb64str\"], \"product\": \"IP camera, DVR, and NVR Devices\", \"versions\": [{\"status\": \"affected\", \"version\": \"1000-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1000C-1000C-1000C-1000C\"}, {\"status\": \"affected\", \"version\": \"1001-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1001-1001-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1002-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1002-1002-1000-1002\"}, {\"status\": \"affected\", \"version\": \"1002D-1000D-1000D-1000D\"}, {\"status\": \"affected\", \"version\": \"1003-1000-1000-1001\"}, {\"status\": \"affected\", \"version\": \"1003-1001-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1003-1002-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1004-1000-1000-1000\"}, {\"status\": \"affected\", \"version\": \"1004-1001-1001-1001\"}, {\"status\": \"affected\", \"version\": \"1004-1002-1000-1001\"}, {\"status\": \"affected\", \"version\": \"1004-1003-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1004-1003-1002-1001\"}, {\"status\": \"affected\", \"version\": \"1004A-1001A-1002A-1000A\"}, {\"status\": \"affected\", \"version\": \"1005-1002-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1005-1003-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1005-1004-1002-1001\"}, {\"status\": \"affected\", \"version\": \"1005A-1001A-1002A-1001A\"}, {\"status\": \"affected\", \"version\": \"1005D-1001D-1002D-1001D\"}, {\"status\": \"affected\", \"version\": \"1006-1002-1001-1002\"}, {\"status\": \"affected\", \"version\": \"1006-1003-1001-1001\"}, {\"status\": \"affected\", \"version\": \"1006-1004-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1007-1001-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1007-1001-1004-1003\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1001-1000\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1001-1003\"}, {\"status\": \"affected\", \"version\": \"1007-1002-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1007-1004-1003-1001\"}, {\"status\": \"affected\", \"version\": \"1008-1001-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1008-1004-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1008D-1003D-1004D-1002D\"}, {\"status\": \"affected\", \"version\": \"1008J-1004J-1004J-1001J\"}, {\"status\": \"affected\", \"version\": \"1009-1001-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1009-1002-1005-1003\"}, {\"status\": \"affected\", \"version\": \"1009-1003-1001-1003\"}, {\"status\": \"affected\", \"version\": \"1009-1003-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1001-1004-1001\"}, {\"status\": \"affected\", \"version\": \"1010-1001-1004-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1006-1003\"}, {\"status\": \"affected\", \"version\": \"1010-1003-1006-1004\"}, {\"status\": \"affected\", \"version\": \"1010-1004-1007-1001\"}, {\"status\": \"affected\", \"version\": \"1010J-1001J-1004J-1001J\"}, {\"status\": \"affected\", \"version\": \"1010N-1003N-1005N-1002N\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1002A-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1002D-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1003-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1004-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1001-1005-1002\"}, {\"status\": \"affected\", \"version\": \"1011-1004-1005-1002\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40500\", \"tags\": [\"exploit\"]}, {\"url\": \"https://avtech.com/\", \"tags\": [\"product\"]}, {\"url\": \"https://web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilities\", \"tags\": [\"third-party-advisory\", \"technical-description\"]}, {\"url\": \"https://web.archive.org/web/20161029201749/https://github.com/ebux/AVTECH\", \"tags\": [\"exploit\"]}, {\"url\": \"https://vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulns\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \\\"/nobody\\\" in the URL, bypassing login controls.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices\\u2019 streamd web server. The strstr() function allows unauthenticated access to any request containing \\\"/nobody\\\" in the URL, bypassing login controls.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"shortName\": \"VulnCheck\", \"dateUpdated\": \"2025-07-01T14:47:23.621Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-34065\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-01T18:36:04.496Z\", \"dateReserved\": \"2025-04-15T19:15:22.549Z\", \"assignerOrgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"datePublished\": \"2025-07-01T14:47:23.621Z\", \"assignerShortName\": \"VulnCheck\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…