Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.0013}

epss

{'score': 0.00137}


Wed, 18 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Takenaka Engineering
Takenaka Engineering ahd04t-a Firmware
Takenaka Engineering ahd08t-a Firmware
Takenaka Engineering ahd16t-a Firmware
Takenaka Engineering hdvr-1600 Firmware
Takenaka Engineering hdvr-400 Firmware
Takenaka Engineering hdvr-800 Firmware
Takenaka Engineering nvr04t-a Firmware
Takenaka Engineering nvr08t-a Firmware
Takenaka Engineering nvr16t-a Firmware
Weaknesses CWE-912
CPEs cpe:2.3:o:takenaka_engineering:ahd04t-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:ahd08t-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:ahd16t-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:hdvr-1600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:hdvr-400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:hdvr-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:nvr04t-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:nvr08t-a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:takenaka_engineering:nvr16t-a_firmware:*:*:*:*:*:*:*:*
Vendors & Products Takenaka Engineering
Takenaka Engineering ahd04t-a Firmware
Takenaka Engineering ahd08t-a Firmware
Takenaka Engineering ahd16t-a Firmware
Takenaka Engineering hdvr-1600 Firmware
Takenaka Engineering hdvr-400 Firmware
Takenaka Engineering hdvr-800 Firmware
Takenaka Engineering nvr04t-a Firmware
Takenaka Engineering nvr08t-a Firmware
Takenaka Engineering nvr16t-a Firmware
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 18 Sep 2024 06:30:00 +0000

Type Values Removed Values Added
Description Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2024-09-18T15:23:18.923Z

Reserved: 2024-09-17T04:34:03.008Z

Link: CVE-2024-47001

cve-icon Vulnrichment

Updated: 2024-09-18T14:58:30.790Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-18T07:15:04.220

Modified: 2024-09-20T12:30:51.220

Link: CVE-2024-47001

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.