Avtech DVR Camera Authentication Bypass and Command Execution Exploit

Several firmware versions of Avtech devices are vulnerable to Authentication bypass by requesting a .cab file and also vulnerable to Authenticated command injection in PwdGrp.cgi on the user creation or modification request
Exploit type: 
Vulnerabilty ID: 
NOCVE-9999-81314
Product Version: 
38
Released Date: 
Tuesday, January 10, 2017 - 18:00