CVE-2018-9995

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2018-9995 is a significant vulnerability in the software design and implementation of TBK's DVR camera system. This flaw, which has been present for five years, allows for an application credential disclosure, essentially enabling unauthorized users to bypass authentication protocols. The vulnerability was first identified and catalogued by the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2018-9995), but despite its age, it continues to pose a serious security threat. FortiGuard Labs, the threat intelligence unit of Fortinet, observed a detection spike in this DVR Authentication Bypass Vulnerability in April 2023. This indicated that malicious actors were actively exploiting the CVE-2018-9995 vulnerability in the wild. The exploitation of this vulnerability can lead to unauthorized access to sensitive data and control over the affected systems, posing a serious risk to security and privacy. The fact that this vulnerability has been actively exploited five years after its initial discovery underscores the importance of regular software updates and rigorous cybersecurity practices. Companies and individuals using TBK’s DVR camera system are urged to update their systems to the latest versions, which likely contain patches for such vulnerabilities. Additionally, it is crucial to monitor network activity for any signs of unusual or unauthorized behavior to mitigate the potential damage caused by such exploits.
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
Vulnerability
Fortiguard
Fortinet
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
Authentication Bypass Vulnerability Cve-2018-9995Unspecified
1
None
Source Document References
Information about the CVE-2018-9995 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
SANS ISC
a year ago
InfoSec Handlers Diary Blog - SANS Internet Storm Center
CERT-EU
a year ago
IDS Comparisons with DShield Honeypot Data, (Thu, Jul 6th) – Cyber Safe NV
CERT-EU
4 months ago
Sensor Intel Series: Top CVEs in December 2023
Securityaffairs
a year ago
Fortinet warns of a spike in attacks against TBK DVR devices
InfoSecurity-magazine
a year ago
Hackers Exploit High Severity Flaw in TBK DVR Camera System
CERT-EU
a year ago
Fortiguard
CERT-EU
a year ago
CVE-2018-9995 in TBK Devices Exploited in the Wild
CERT-EU
a year ago
Fortiguard