Find notable cyber news and cases, enriched with sources, timelines, and signals.

Digiever DS-2105 Pro actively exploited command injection RCE (CVE-2023-52163)

Vulnerability
First reported
Last updated
Happening score
H score 39
1 unique sources, 1 articles

Summary

Hide ▲

Digiever DS-2105 Pro NVRs are exposed to CVE-2023-52163, a post-authentication command injection flaw that can lead to remote code execution and has been actively exploited. CISA added the vulnerability to the KEV catalog, underscoring real-world risk for organizations still running the affected devices. The flaw remains unpatched because the product is end-of-life, so exposure reduction and access restrictions are the main defenses.

Related Happenings

Magento exploitation wave for CVE-2026-45247

Exploitation Wave
H score9 First: 04.06.2026 10:19 Last: 04.06.2026 10:19 Sources 1

About this happening: Active exploitation of **CVE-2026-45247** is hitting **Mirasvit Cache Warmer** on **Magento** stores, with malicious requests carrying serialized PHP payloads that can lead to **r...

CISA KEV remediation for Android and Linux vulnerabilities

Advisory/Mitigation
H score57 First: 03.06.2026 18:36 Last: 03.06.2026 18:36 Sources 1

About this happening: CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...

PAN-OS GlobalProtect CVE-2026-0257 exploitation wave

Exploitation Wave
H score18 First: 01.06.2026 11:30 Last: 01.06.2026 11:30 Sources 1

About this happening: A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...

ChromaDB Python API exposure mitigation (CVE-2026-45829)

Advisory/Mitigation
H score25 First: 20.05.2026 01:25 Last: 20.05.2026 01:25 Sources 1

About this happening: **HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...

CISA KEV order for CVE-2026-3055 on Citrix appliances

Public Sector Action
H score34 First: 31.03.2026 10:05 Last: 31.03.2026 10:05 Sources 1

About this happening: CISA added **CVE-2026-3055** to the **KEV Catalog** and ordered **FCEB agencies** to secure **Citrix NetScaler** appliances by **Thursday, April 2**, turning an **actively exploit...

Timeline

  1. 25.12.2025 10:07 2 articles · 6mo ago

    CISA adds actively exploited Digiever DS-2105 Pro flaw to KEV catalog

    Initial Disclosure

    CISA added CVE-2023-52163 affecting Digiever DS-2105 Pro network video recorders to the Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw is a missing authorization issue in time_tzsetup.cgi that can enable command injection and post-authentication remote code execution, and reports from Akamai and Fortinet said threat actors used it to deliver Mirai and ShadowV2. TXOne Research said the related CVE-2023-52164 file-read flaw also remains unpatched because the device is end-of-life, and CISA advised avoiding internet exposure, changing default credentials, and for Federal Civilian Executive Branch agencies applying mitigations or discontinuing use by January 12, 2025.

    Show sources