Medium severityNVD Advisory· Published Jul 1, 2025· Updated Apr 15, 2026
CVE-2025-34053
CVE-2025-34053
Description
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing ".cab" to bypass authentication and access protected endpoints.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- avtech.comnvd
- vulncheck.com/advisories/avtech-ipcamera-nvr-dvr-mulitple-vulnsnvd
- web.archive.org/web/20161029201749/https://github.com/ebux/AVTECHnvd
- web.archive.org/web/20240810225729/https://www.search-lab.hu/advisories/126-AVTech-devices-multiple-vulnerabilitiesnvd
- www.exploit-db.com/exploits/40500nvd
News mentions
0No linked articles in our index yet.