Exploitation of 5-Year-Old TBK DVR Vulnerability Spikes
Fortinet has reported a significant increase in exploitation attempts targeting a five-year-old authentication bypass vulnerability (CVE-2018-9995) in TBK DVR devices. TBK Vision, a video surveillance company, provides network CCTV devices, DVRs, and other related equipment for protecting industrial and critical infrastructure facilities. The vulnerability can be exploited remotely by sending a crafted HTTP cookie, granting the attacker administrative access to a vulnerable device and access to camera video feeds. The vendor has not provided a patch to address the bug, which impacts TBK's DVR4104 and DVR4216 devices. Fortinet detected over 50,000 exploitation attempts targeting CVE-2018-9995 in April 2023 alone. Organizations are advised to review their CCTV cameras, DVRs, and related equipment and remove any vulnerable models or ensure they are protected by a firewall and not directly accessible from the internet. CVEs: CVE-2018-9995, CVE-2016-20016 [View Article](https://ciso2ciso.com/exploitation-of-5-year-old-tbk-dvr-vulnerability-spikes-source-www-securityweek-com/)