Fortinet’s seen more than 50,000 attempts to exploit an unpatched flaw in its TBK digital video recording (DVR) devices in the month of April 2023.
The flaw, CVE-2018-9995, was caused by an error when handling a maliciously crafted HTTP cookie.
Threat actors are actively exploiting an unprotected five-year-old flaw impacting TBK DVR devices.
According to Fortinet, this vulnerability occurs when a machine-readable cookie is incorrectly handled.
Many brands of DVRs including those sold under the names CeNova, DVR Login, HostStar, HiVee, Novo, QSee, Pulnix, Securus, and XVR 5 in 1 contain this vulnerability.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply