CISA Flags Actively Exploited RCE Flaw in Digiever NVRs

CISA Adds Digiever NVR Vulnerability to Known Exploited Vulnerabilities Catalog Amid Active Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw affecting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing confirmed evidence of active exploitation.

The vulnerability, tracked as CVE-2023-52163 with a CVSS score of 8.8, is a command injection flaw that enables post-authentication remote code execution. “Digiever DS-2105 Pro contains a missing authorization vulnerability that could allow command injection via time_tzsetup.cgi,” CISA stated.

This addition follows multiple reports from Akamai and Fortinet, which observed threat actors exploiting the flaw to deploy botnets such as Mirai and ShadowV2.

According to TXOne Research security expert Ta-Lun Yen, the vulnerability—alongside an arbitrary file read bug (CVE-2023-52164, CVSS score: 5.1)—remains unpatched because the device has reached end-of-life (EoL) status.

Successful exploitation requires attackers to log into the device and issue a crafted request. In the absence of a patch, users are strongly advised to avoid exposing the device to the internet and to change default credentials immediately.

CISA further recommends that Federal Civilian Executive Branch (FCEB) agencies apply mitigations or discontinue use of the affected product by January 12, 2025, to protect networks from ongoing threats.
