Published: 2025/06/27  Last Updated: 2025/06/27

JVNVU#93396297
Multiple vulnerabilities in TB-eye network recorders and AHD recorders

Overview

Network recorders and AHD recorders provided by TB-eye Ltd. contain multiple vulnerabilities.

Products Affected

  • XRN-410SN/TE firmware versions Ver2.47b_220119153805 and earlier
  • XRN-810SN/TE firmware versions Ver2.47b_220119153805 and earlier
  • XRN-1610SN/TE firmware versions Ver2.47b_210516234524 and earlier
  • PRN-4011N/TE firmware versions Ver2.51p_231208081715 and earlier
  • HRX-421FN/TE firmware versions Ver3.05.62 and earlier
  • HRX-821/TE firmware versions Ver3.05.62 and earlier
  • HRX-1621/TE firmware versions Ver3.05.62 and earlier
  • HRX-435FN/TE firmware versions Ver5.31.72 and earlier
  • HRX-835/TE firmware versions Ver5.31.72 and earlier
  • HRX-1635/TE firmware versions Ver5.31.72 and earlier
  • XRN-425SFN/TE firmware versions Ver5.31.32 and earlier
  • XRN-426S firmware versions Ver5.33.12 and earlier
  • XRN-820S/TE firmware versions Ver5.34.12 and earlier
  • XRN-1620S/TE firmware versions Ver5.34.12 and earlier
  • XRN-3210R/TE firmware versions Ver5.34.12 and earlier
  • XRN-6410R/TE firmware versions Ver5.34.12 and earlier
  • XRN-6410DR/TE firmware versions Ver5.34.12 and earlier

Description

Network recorders and AHD recorders provided by TB-eye Ltd. contain multiple vulnerabilities listed below.

  • OS command injection (CWE-78)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.6
    • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 7.2
    • CVE-2025-36529
  • Classic buffer overflow (CWE-120)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 6.9
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
    • CVE-2025-41418

Impact

  • An arbitrary OS command may be executed by an attacker who is logged in to the device (CVE-2025-36529)
  • The CGI process may be terminated abnormally by processing a specially crafted request (CVE-2025-41418)

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.

Apply the workaround
The developer recommends that users change the administrator password to one that is hard to guess.

For more information, refer to the information provided by the developer.

Credit

Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE: CVE-2025-36529, CVE-2025-41418