CVE-2025-36529 (GCVE-0-2025-36529)
Vulnerability from cvelistv5
Published
2025-06-27 05:23
Modified
2025-06-30 18:47
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Summary
An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | TB-eye Ltd. | XRN-410SN/TE |
Version: firmware versions Ver2.47b_220119153805 and earlier |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T18:40:49.174491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T18:47:15.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "XRN-410SN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver2.47b_220119153805 and earlier"
}
]
},
{
"product": "XRN-810SN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver2.47b_220119153805 and earlier"
}
]
},
{
"product": "XRN-1610SN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver2.47b_210516234524 and earlier"
}
]
},
{
"product": "PRN-4011N/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver2.51p_231208081715 and earlier"
}
]
},
{
"product": "HRX-421FN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver3.05.62 and earlier"
}
]
},
{
"product": "HRX-821/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver3.05.62 and earlier"
}
]
},
{
"product": "HRX-1621/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver3.05.62 and earlier"
}
]
},
{
"product": "HRX-435FN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.31.72 and earlier"
}
]
},
{
"product": "HRX-835/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.31.72 and earlier"
}
]
},
{
"product": "HRX-1635/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.31.72 and earlier"
}
]
},
{
"product": "XRN-425SFN/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.31.32 and earlier"
}
]
},
{
"product": "XRN-426S",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.33.12 and earlier"
}
]
},
{
"product": "XRN-820S/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.34.12 and earlier"
}
]
},
{
"product": "XRN-1620S/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.34.12 and earlier"
}
]
},
{
"product": "XRN-3210R/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.34.12 and earlier"
}
]
},
{
"product": "XRN-6410R/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.34.12 and earlier"
}
]
},
{
"product": "XRN-6410DR/TE",
"vendor": "TB-eye Ltd.",
"versions": [
{
"status": "affected",
"version": "firmware versions Ver5.34.12 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T05:23:27.330Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.tbeye.com/topics/ahd/"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93396297/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-36529",
"datePublished": "2025-06-27T05:23:27.330Z",
"dateReserved": "2025-06-24T23:58:17.896Z",
"dateUpdated": "2025-06-30T18:47:15.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-36529\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2025-06-27T06:15:24.587\",\"lastModified\":\"2025-06-30T18:38:48.477\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.\"},{\"lang\":\"es\",\"value\":\"Existe un problema de inyecci\u00f3n de comandos del sistema operativo en varias versiones de TB-eye network recorders y AHD recorders. Si se explota esta vulnerabilidad, un atacante que inicie sesi\u00f3n en el dispositivo podr\u00eda ejecutar un comando arbitrario del sistema operativo.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU93396297/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://www.tbeye.com/topics/ahd/\",\"source\":\"vultures@jpcert.or.jp\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-36529\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-30T18:40:49.174491Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-30T18:47:08.221Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-410SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_220119153805 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-810SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_220119153805 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-1610SN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.47b_210516234524 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"PRN-4011N/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver2.51p_231208081715 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-421FN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-821/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-1621/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver3.05.62 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-435FN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-835/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"HRX-1635/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.72 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-425SFN/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.31.32 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-426S\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.33.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-820S/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-1620S/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-3210R/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-6410R/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}, {\"vendor\": \"TB-eye Ltd.\", \"product\": \"XRN-6410DR/TE\", \"versions\": [{\"status\": \"affected\", \"version\": \"firmware versions Ver5.34.12 and earlier\"}]}], \"references\": [{\"url\": \"https://www.tbeye.com/topics/ahd/\"}, {\"url\": \"https://jvn.jp/en/vu/JVNVU93396297/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2025-06-27T05:23:27.330Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-36529\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-30T18:47:15.964Z\", \"dateReserved\": \"2025-06-24T23:58:17.896Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2025-06-27T05:23:27.330Z\", \"assignerShortName\": \"jpcert\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…