QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-7724

Back to search

CVE-2025-7724

Published: Jul 22, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

An unauthenticated OS command injection vulnerability exists in VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2.This issue affects VIGI NVR1104H-4P V1: before 1.1.5 Build 250518; VIGI NVR2016H-16MP V2: before 1.3.1 Build 250407.

VendorProductVersions

TP-Link Systems Inc.

VIGI NVR1104H-4P V1

affected
0 - < 1.1.5 Build 250518

TP-Link Systems Inc.

VIGI NVR2016H-16MP V2

affected
0 - < 1.3.1 Build 250407

Weaknesses (CWE)

CWE-78

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now