Avtech DVR Camera Authentication Bypass and Command Execution Exploit

Several firmware versions of Avtech devices are vulnerable to Authentication bypass by requesting a .cab file and also vulnerable to Authenticated command injection in PwdGrp.cgi on the user creation or modification request
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-81314
Product Version: 
2017_R1
Released Date: 
Wednesday, January 11, 2017 - 00:00