- Description
- Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
- Products
- ds-2105_pro_firmware, ds-2105_pro\+_firmware
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Digiever DS-2105 Pro Missing Authorization Vulnerability
- Exploit added on
- Dec 22, 2025
- Exploit action due
- Jan 12, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-862
- Hype score
- Not currently trending
CISA Flags Digiever NVR Flaw as Exploited Vulnerability CISA added a Digiever DS-2105 Pro flaw, CVE-2023-52163 (CVSS 8.8), to its Known Exploited Vulnerabilities catalog. The NVR device is vulnerable to remote exploits, emphasizing the need for immediate patching and mitigation
@Secwiserapp
23 Dec 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国CISAが悪用を確認した脆弱性 #KEV をカタログに追加しました。(12/22追加) 🛡️No.1485 CVE-2023-52163 Digiever DS-2105 Pro Missing Authorization Vulnerability ============= CVSSスコア: 8.8 (Base) / CISA-ADP CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/
@piyokango
23 Dec 2025
3949 Impressions
2 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-52163 Exploited: Hackers Bypass Auth to Gain Full Control of Digiever NVR Systems Read the full report on - https://t.co/QvRUynMqs0 https://t.co/QZSUong47K
@Iambivash007
23 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-52163 impacts Digiever DS-2105 Pro (3.1.0.71-11): missing authorization enabling command injection via time_tzsetup.cgi. Treat exposed NVR/DVR management interfaces as high risk and isolate/segment immediately. https://t.co/1iz368ERnI
@BOMvault
22 Dec 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Digiever DS-2105 Pro missing authorization vulnerability CVE-2023-52163 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/Yb2jmZrRf4
@CISACyber
22 Dec 2025
4666 Impressions
9 Retweets
29 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2023-52163 Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the … https://t.co/kKm5M9YaaB
@CVEnew
3 Feb 2025
199 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digiever:ds-2105_pro_firmware:3.1.0.71-11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E34BBAA-9BA1-426D-B25A-F718B9F65D4C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:digiever:ds-2105_pro:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0C110DB3-9915-4DB4-933D-2EA222841CA1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digiever:ds-2105_pro\\+_firmware:3.1.0.71-11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD8A7902-3D5A-4446-9243-0119C3BB32D5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:digiever:ds-2105_pro\\+:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2352C8C4-144E-4B9D-B9DF-A7B7B2B7FFEB"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]