VYPR
Vendor

LILIN

Products
3
CVEs
4
Across products
7
Status
Private

Products

3

Recent CVEs

4
  • CVE-2022-47618CriJan 3, 2023
    risk 0.64cvss 9.8epss 0.01

    Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An unauthenticated remote attacker can use these credentials to log in administrator page, to manipulate system or disrupt service.

  • CVE-2025-34132CriJul 16, 2025
    risk 0.61cvss epss 0.02

    A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to…

  • CVE-2025-34130HigJul 16, 2025
    risk 0.57cvss epss 0.01

    An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml,…

  • CVE-2025-34129HigJul 16, 2025
    risk 0.57cvss epss 0.01

    A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface…