A critical vulnerability (CVE-2025-6561) has been discovered in Hunt Electronics’ hybrid DVRs, exposing administrator credentials in plaintext and allowing unauthenticated remote access. Immediate device updates and security measures are essential to prevent potential cyberattacks and safeguard surveillance systems. #CVE-2025-6561 #HuntElectronics
Keypoints
- The vulnerability affects Hunt Electronics’ HBF-09KD and HBF-16NK DVR models running firmware version V3.1.67_1786 BB11115 and earlier.
- Unauthenticated attackers can remotely access the system’s configuration and retrieve admin credentials in plaintext.
- Successful exploitation allows full control over the DVR, surveillance manipulation, and further network attacks.
- Hunt Electronics has released a firmware update (V3.1.70_1806 BB50604 or later) to fix the issue.
- Users should update devices immediately, disconnect affected DVRs from public networks, and change administrator passwords.
Read More: https://gbhackers.com/hunt-electronic-dvr-vulnerability/