BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CISA Adds Digiever DS-2105 Pro Flaw to KEV Amid Attacks Now!

CISA adds CVE-2023-52163 to KEV: post-auth command injection in EoL Digiever DS-2105 Pro NVRs exploited to deploy Mirai/ShadowV2 — avoid internet exposure and change default credentials.

  • CISA has added a vulnerability affecting Digiever DS-2105 Pro NVRs to its KEV alert and Known Exploited Vulnerabilities (KEV) catalog.
  • The flaw, CVE-2023-52163 (CVSS 8.8), permits post-authentication command injection leading to remote code execution.
  • Security firms including Akamai and Fortinet reported active exploitation to install botnets such as Mirai and ShadowV2.
  • TXOne Research notes the device is end-of-life and the vulnerability remains unpatched; users should avoid internet exposure and change default credentials.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw affecting Digiever DS-2105 Pro network video recorders to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue is tracked as CVE-2023-52163 and carries a CVSS score of 8.8.

- Advertisement -

CISA described the problem as, “Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tzsetup.cgi,” and noted that exploitation enables post-authentication remote code execution. Command injection is a flaw that allows attackers to run system commands on the device. Remote code execution (RCE) is the ability to run code on a device from another system.

Reports from security vendors including Akamai and Fortinet show threat actors exploited this bug to deploy botnets such as Mirai and ShadowV2. A second issue, CVE-2023-52164, is an arbitrary file read vulnerability with a CVSS score of 5.1 and also remains unpatched.

According to researcher Ta-Lun Yen at TXOne Research, the DS-2105 Pro has reached end-of-life (EoL), meaning the vendor no longer provides updates, which leaves the flaws unpatched. Successful attacks require valid device credentials and a crafted request.

In lieu of a vendor patch, users should avoid exposing the device to the internet and change default usernames and passwords. CISA urges Federal Civilian Executive Branch agencies to apply mitigations or discontinue use of the product by January 12, 2025.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Crypto’s $2T Crash Awaits BlackRock Shock & FOMO

Bitcoin has stabilized near $60,000 after a downturn erased $2 trillion from the crypto...

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Saylor and Back oppose BIP-110 fork over Bitcoin security fears

Michael Saylor and Adam Back have publicly opposed BIP-110, a temporary Bitcoin fork proposal...

China, India groups target Pakistani police in cyber espionage

Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber...

AMD Stock Dips 10% Amid AI Volatility Ahead of Q3 Earnings

AMD stock fell nearly 10% from $580 on June 30 to roughly $516 by...

Must Read

How To Travel With Bitcoin: 9 Travel Companies Accepting Bitcoin

Bitcoin travel is a reality, as several travel companies now accept payments in cryptocurrencies for their services.Those who have opened a Bitcoin account on...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading