The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability affecting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing confirmed instances of active exploitation.
The issue, identified as CVE-2023-52163 with a CVSS score of 8.8, is a command injection flaw that enables remote code execution after authentication.
According to CISA, the Digiever DS-2105 Pro contains a missing authorization weakness that can be exploited to perform command injection through the time_tzsetup.cgi endpoint.
CISA’s decision to include CVE-2023-52163 in the KEV catalog follows multiple reports from Akamai and Fortinet indicating that threat actors are exploiting the flaw to deploy botnets such as Mirai and ShadowV2.
TXOne Research security researcher Ta‑Lun Yen noted that this vulnerability, along with an arbitrary file read issue tracked as CVE-2023-52164 (CVSS score: 5.1), remains unpatched due to the device having reached end-of-life (EoL) status.
Exploitation requires an attacker to have valid login credentials and submit a specially crafted request. In the absence of a security fix, users are advised to avoid exposing the device to the internet and to change default usernames and passwords.
CISA has also directed Federal Civilian Executive Branch (FCEB) agencies to apply appropriate mitigations or stop using the affected product by January 12, 2025, in order to protect their networks from ongoing threats.
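For operators who cannot retire the device immediately, the following added example (not from CISA, the vendor, or the researchers cited above) triages access logs from a reverse proxy or gateway in front of the NVR for requests to time_tzsetup.cgi. It assumes Combined Log Format and a 10.20.0.0/24 management subnet; the path prefix and the `param` name in the sample lines are constructed placeholders.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ENDPOINT = "time_tzsetup.cgi"  # endpoint named in CISA's description
# Assumption: only this management subnet should ever reach the NVR web UI.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Generic shell metacharacters, not a signature of any particular payload.
SHELL_META = re.compile(r"[;|&`$<>\r\n]")
# Combined Log Format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def triage(lines):
    """Return one finding per suspicious request to the endpoint."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        src, when, method, target, status = m.groups()
        try:
            parts = urlsplit(target)
            addr = ipaddress.ip_address(src)
        except ValueError:  # malformed target or non-IP client field; skip
            continue
        if not unquote(parts.path).lower().endswith("/" + ENDPOINT):
            continue
        reasons = []
        if not any(addr in net for net in ALLOWED_NETS):
            reasons.append("source outside management network")
        values = [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
        if any(SHELL_META.search(v) for v in values):
            reasons.append("shell metacharacters in query value")
        if reasons and method == "POST":
            reasons.append("body not logged; check packet capture")
        if reasons:
            findings.append({"src": src, "time": when, "method": method,
                             "status": int(status), "reasons": reasons})
    return findings

# Constructed sample lines; path prefix and "param" are placeholders.
SAMPLE = [
    '10.20.0.15 - admin [12/Dec/2025:09:14:02 +0000] "GET /placeholder/time_tzsetup.cgi?param=UTC HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.77 - - [12/Dec/2025:09:15:40 +0000] "GET /placeholder/time_tzsetup.cgi?param=x%3By HTTP/1.1" 200 498 "-" "-"',
    '10.20.0.15 - admin [12/Dec/2025:09:16:11 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "-"',
    '198.51.100.9 - - [12/Dec/2025:09:17:05 +0000] "POST /placeholder/time_tzsetup.cgi HTTP/1.1" 401 120 "-" "-"',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Any hit from outside the management network also shows that the device is reachable from where it should not be, independent of whether the request succeeded.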

