Find notable cyber news and cases, enriched with sources, timelines, and signals.

Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)

Exploitation Wave
First reported
Last updated
Happening score
H score 39
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2023-52163 is being exploited at scale against Digiever DS-2105 Pro NVRs, with multiple reports linking abuse to Mirai and ShadowV2 botnet delivery. The flaw is a post-authentication command injection issue in `time_tzsetup.cgi` that can lead to remote code execution on exposed devices. Because the devices are end-of-life and remain unpatched, defenders are being pushed toward isolation, credential changes, and removal from internet exposure.

Related Happenings

FFmpeg 8.1.2 security update (CVE-2026-8461)

Security Patch Release
H score36 First: 23.06.2026 00:05 Last: 23.06.2026 00:05 Sources 1

About this happening: **FFmpeg** shipped **version 8.1.2** to fix **CVE-2026-8461** in the **MagicYUV decoder**, closing a heap out-of-bounds write that could affect **FFmpeg-based applications**. The...

Check Point Remote Access VPN and Mobile Access authentication bypass (CVE-2026-50751)

Vulnerability
H score47 First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

About this happening: **Check Point** warned that **CVE-2026-50751** is a **critical authentication bypass** in **Remote Access VPN** and **Mobile Access** deployments using **deprecated IKEv1**, letti...

DD-WRT router firmware buffer overflow remote code execution flaw (CVE-2021-27137)

Vulnerability
H score45 First: 07.06.2026 17:17 Last: 07.06.2026 17:17 Sources 1

About this happening: **DD-WRT router firmware** is affected by **CVE-2021-27137**, a **buffer overflow** now being used by **C0XMO** to deliver malware and enable **unauthenticated remote code executi...

Magento exploitation wave for CVE-2026-45247

Exploitation Wave
H score9 First: 04.06.2026 10:19 Last: 04.06.2026 10:19 Sources 1

About this happening: Active exploitation of **CVE-2026-45247** is hitting **Mirasvit Cache Warmer** on **Magento** stores, with malicious requests carrying serialized PHP payloads that can lead to **r...

PAN-OS / Prisma Access GlobalProtect authentication bypass (CVE-2026-0257, actively exploited)

Vulnerability
H score19 First: 30.05.2026 09:41 Last: 30.05.2026 09:41 Sources 1

About this happening: **PAN-OS** and **Prisma Access** are affected by **CVE-2026-0257**, an **authentication bypass** in the **GlobalProtect portal and gateway** that can let attackers establish an **...

Timeline

  1. 25.12.2025 10:07 1 articles · 6mo ago

    CISA sets January 12, 2025 mitigation deadline for FCEB agencies

    Legal Policy Action Update

    CISA recommends Federal Civilian Executive Branch agencies apply mitigations or discontinue use of Digiever DS-2105 Pro devices by January 12, 2025; owners are also advised to avoid internet exposure and change default credentials because the device is end-of-life and CVE-2023-52163 and CVE-2023-52164 remain unpatched.

    Show sources
  2. 25.12.2025 10:07 2 articles · 6mo ago

    CISA adds Digiever DS-2105 Pro vulnerabilities to KEV catalog

    Initial Disclosure

    CISA adds CVE-2023-52163 on Digiever DS-2105 Pro network video recorders to the KEV catalog after evidence of active exploitation, with Akamai and Fortinet reporting threat actors used the flaw to deliver Mirai and ShadowV2 botnets; the vulnerability is a command-injection issue that can enable post-authentication remote code execution via time_tzsetup.cgi.

    Show sources