CVE-2024-14007 HIGH

CVE-2024-14007: TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure

Vendor: Shenzhen TVT Digital Technology Co., Ltd.
Product: NVMS-9000
Weakness: CWE-306 · Missing auth
Published: November 24, 2025
Last update: November 25, 2025

CVSS base score

8.7/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality: High (VC:H)
Integrity: None (VI:N)

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated remote attacker can invoke privileged administrative query commands without valid credentials. Successful exploitation discloses sensitive information including administrator usernames and passwords in cleartext, network and service configuration, and other device details via commands such as queryBasicCfg, queryUserList, queryEmailCfg, queryPPPoECfg, and queryFTPCfg.

Key dates

02 Disclosure timeline

November 24, 2025: CVE published
November 25, 2025: Record updated