QwikSec

Security Database

CVE

CWE

Training

CVE-2025-5113

Published: Jun 2, 2025

Modified: Jun 2, 2025

PUBLISHED

Description

The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary command injection and hardcoded passwords are used.

Vendor	Product	Versions
Diviotec	nbr222p	affected `0 - <= 2.0170.3030`
Diviotec	nbr222pv	affected `0 - <= 2.0170.3030`
Diviotec	nbr224p	affected `0 - <= 2.0170.3030`
Diviotec	nbr225p	affected `0 - <= 2.0170.3030`
Diviotec	nbr226p	affected `0 - <= 2.0170.3030`
Diviotec	nbf232p	affected `0 - <= 2.0170.3030`
Diviotec	nbf233p	affected `0 - <= 2.0170.3030`
Diviotec	ndr252p	affected `0 - <= 2.0170.3030`
Diviotec	ndr255p	affected `0 - <= 2.0170.3030`

Weaknesses (CWE)

References

https://www.onekey.com/resource/security-advisory-remote-code-execution-on-diviotec-ip-camera-cve-2025-5113

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.