AI description
CVE-2024-3721 is a command injection vulnerability affecting TBK DVR-4104 and DVR-4216 devices up to version 20240412. The vulnerability exists in the processing of the `/device.rsp` file, where manipulation of the `mdb/mdc` argument allows for remote attackers to execute arbitrary operating system commands. The vulnerability is triggered by constructing an OS command using externally influenced input without proper neutralization of special elements. An attacker can exploit this vulnerability remotely, meaning they don't need physical access to the device.
- Description
- A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability.
- Source
- cna@vuldb.com
- NVD status
- Deferred
CVSS 3.1
- Type
- Secondary
- Base score
- 6.3
- Impact score
- 3.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- cna@vuldb.com
- CWE-78
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2023-33308 2 - CVE-2022-42475 3 - CVE-2026-32201 4 - CVE-2026-33827 5 - CVE-2024-3721 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
22 Apr 2026
129 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#Mirai #Variant #Nexcorium #Exploits CVE-2024-3721 to #Hijack #TBK #DVRs for #DDoS #Botnet https://t.co/EGuTVmCGww
@miguelcarvajalm
21 Apr 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiGuard unmasks Nexcorium, a Mirai variant targeting DVRs via CVE-2024-3721. Secure your IoT devices against this multi-arch DDoS botnet. Patch now! #Nexcorium #IoTSecurity #Mirai #Botnet #DDoS #NexusTeam #CyberSecurity #IoT https://t.co/jASwo7qkoq https://t.co/kbDh5Yx1az
@the_yellow_fall
21 Apr 2026
568 Impressions
4 Retweets
8 Likes
4 Bookmarks
1 Reply
0 Quotes
🔴 BOTNET ALERT: Nexcorium (Mirai variant) exploits CVE-2024-3721 to hijack TBK DVRs for DDoS attacks. Millions of IoT devices still unpatched & vulnerable. Update your firmware NOW. #IoTSecurity #DDoS #Botnet
@isectech_
21 Apr 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Patch management systems existed, yet attackers still weaponized a known DVR vulnerability into a live botnet. FortiGuard Labs identified a Mirai-based Nexcorium botnet campaign actively exploiting CVE-2024-3721, a command injection vulnerability in TBK DVR devices. Attackers ht
@rerightai
20 Apr 2026
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Intel Report [HIGH] - A critical OS command injection vulnerability (CVE-2024-3721) affecting TBK DVR-4104 and DVR-4216 devices is being actively exploited in the wild to deploy Nexcorium, a multi-architecture Mirai-based botnet malware. FortiGuard... https://t.co/ARL5fukLKO
@EnigmaGlobalSW
20 Apr 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Mirai variant Nexcorium is exploiting CVE-2024-3721 to hijack TBK DVRs & routers. Compromised devices are used for DDoS botnets ⚠️ Patch firmware, change defaults, replace EoL devices.https://t.co/JI7xaoAE15 #CyberSecurity #IoTSecurity #Mirai #Vulert
@vulert_official
20 Apr 2026
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IoT devices are once again in the crosshairs. ‼️ Our recent research tracks #Nexcorium, a Mirai variant exploiting vulnerable TBK DVRs to gain persistence and launch large-scale DDoS attacks. 🔎 CVE-2024-3721 exploited for initial access 📨 Multi-architecture malware fo
@FortiGuardLabs
20 Apr 2026
235 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
New Mirai variant alert: Nexcorium is exploiting CVE-2024-3721 in TBK DVRs to build a massive DDoS botnet. It features multi-arch support and aggressive persistence tactics. Stay ahead of the "Nexus Team." What’s your take on the rising IoT threat landscape? #InfoSec #IoT http
@TechNadu
20 Apr 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet https://t.co/WxHwywG4ru Mon, 20 Apr 2026 13:01:00 GMT FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices
@ASRRanking
20 Apr 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet: FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices https://t.co/R1I4r0p9V6 https://t.co/OX9S1qrZ4b
@shah_sheikh
20 Apr 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers Use CVE-2024-3721 to Infect TBK DVRs With Nexcorium DDoS Malware https://t.co/v29KR5jzVu
@R4yt3d
20 Apr 2026
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat actors exploit CVE-2024-3721 in TBK DVRs to deploy #Mirai malware. Stay alert for signs of compromise. #CyberThreat ⬇️ Full brief: https://t.co/f2P7uf58Pw
@WideWatchers
20 Apr 2026
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Threat: Nexcorium Malware Hackers are exploiting TBK DVRs (CVE-2024-3721) for DDoS attacks. Protect your IoT with Wiseman Infosec’s Zero Trust & Micro-segmentation. 🛡️ 🌐 https://t.co/wVa9YMZcUV 📧 sales@wisemaninfosec.com #CyberSecurity #IoT #DDoS #Wi
@officialwisema
20 Apr 2026
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
監視用DVRの脆弱性を突くボットネット攻撃が拡大し、Mirai系マルウェア「Nexcorium」による大規模DDoS基盤が構築されている。 Fortinetの分析によると、攻撃者はTBK製DVRの欠陥CVE-2024-3721を悪用し、認証不要でコマン
@yousukezan
20 Apr 2026
1255 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/psqVbwgWkj #mirai #nexcorium #DDoSbotnet #botnet #TBK #DVR #hijack #cyberattack
@ReconBee
20 Apr 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/GdOAEz88r3 via @TheHackersNews
@DCICyberSecNews
20 Apr 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New Mirai variant, Nexcorium, is targeting TBK DVRs & older TP-Link routers via CVE-2024-3721 – understand this means AI developers & security pros need to bolster defences against IoT botnet attacks. 🛡️ #Mirai #IoTsecurity #Cybersecurity https://t.co/fQHg3wsmg6
@Gdy_Digital
20 Apr 2026
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
☣️ Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/NMars0qm51 #iot #ddos #botnet #cybersecurity
@jbzfn
19 Apr 2026
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Miraiの亜種NexcoriumがCVE-2024-3721を悪用し、TBK DVRを乗っ取ってDDoSボットネットを構築 Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet #HackerNews (Apr 18) https://t.co/LpsqgtvrFY
@foxbook
19 Apr 2026
272 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/8LI2TLlxYT
@TechNowPulse
19 Apr 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Intel Report [HIGH] - FortiGuard Labs has identified and analyzed a new Mirai variant called Nexcorium that is actively exploiting CVE-2024-3721, an OS command injection vulnerability in TBK DVR devices (models DVR-4104 and DVR-4216), to build a... https://t.co/Hx5QZLO6an
@EnigmaGlobalSW
19 Apr 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/OrSuDuKtvU
@DeepBlueInfoSec
19 Apr 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/nL1JpOCEY3
@JedisecX
19 Apr 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/h0HpuWJAqA
@samilaiho
19 Apr 2026
359 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity CVE-2024-3721: TBK DVR Command Injection & Nexcorium Mirai Variant — Detection … "TBK DVRs and EoL TP-Link routers are actively hijacked by the Nexcorium Mirai…" 🔗 https://t.co/facA1DvrVo #CyberSecurity #ThreatIntel #sigmarule #kqldetection #t
@SecurityAr58409
19 Apr 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Nexcorium is using CVE-2024-3721 to hijack TBK DVRs and old TP-Link routers, turning them into a DDoS botnet. SMEs: patch devices, retire old gear, segment networks, and monitor IoT traffic. Stay calm, but stay protected. Read more: https://t.co/dEyquxO85S
@StrongKeepCyber
19 Apr 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【Fortinet分析、NexcoriumはTBK DVRから広がる“多段型Mirai”】 FortinetのNexcorium分析を見ると、これは単なるTBK DVR単発悪用ではありません。入口はCVE-2024-3721ですが、その後に複数アーキテクチャへの展開、Telnet総
@01ra66it
19 Apr 2026
247 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
• #CyberSecurity #CyberCrime #DataHack #DataPrivacy #DataTheft #DataLeaks #DataBreach 💾 • • #Hacked #Malware #Spyware #Zerodays #Ransomware #Phishing #Backdoor #RCE #RAT ☠️ • » Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
@tatha_gautama
19 Apr 2026
61 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat actors exploit security flaws in TBK DVRs and EOL TP-Link routers to deploy Mirai botnets. CVE-2024-3721 (score 6.3) is a key vulnerability targeted. Stay updated! https://t.co/2oi6RYa0dC
@technoholic_me
19 Apr 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/L1yucZICoL via @TheHackersNews
@jackgoesvirtual
19 Apr 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨IoT機器が危ない! TBK DVRの脆弱性(CVE-2024-3721)が悪用され、Mirai亜種Nexcoriumに感染しDDoS攻撃に利用される事例が発生。脆弱性対策が不十分なIoT機器が狙われています。あなたのデバイスは大丈夫?早急な確認
@motch_dev
19 Apr 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/8LI2TLlxYT
@TechNowPulse
18 Apr 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Mirai Variant #Nexcorium #Exploits CVE-2024-3721 to #Hijack #TBK #DVRs for #DDoS #Botnet https://t.co/yS9WCjvSS5 https://t.co/ftIAjLEAlc
@omvapt
18 Apr 2026
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/jjJNFu0Ztk via @TheHackersNews
@bteater51
18 Apr 2026
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
So there's a new Mirai variant called Nexcorium making the rounds and honestly it's exactly what you'd expect at this point. It's going after TBK DVRs and those ancient TP-Link routers everyone forgot about in their closets. CVE-2024-3721 is the entry point and yeah, the usual
@thecyberjim
18 Apr 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TRC analysis shows Nexcorium botnet exploiting CVE-2024-3721 in TBK DVR devices to deploy Mirai variants across networks. Attackers escalated privileges then moved laterally using additional exploits, integrating compromised devices into DDoS infrastructure. #ZeroDay 🔗 Full
@aviatrixtrc
18 Apr 2026
176 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
A recent campaign exploiting CVE-2024-3721 in TBK DVR devices to deliver a multi-architecture Mirai variant called Nexcorium #botnet https://t.co/rKUftppav6 https://t.co/sDAO6tiW9U
@blackorbird
18 Apr 2026
2026 Impressions
6 Retweets
25 Likes
7 Bookmarks
1 Reply
1 Quote
Mirai Variant Nexcorium #exploits #CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet. Protect your machine against #exploits, update your software with #UCheck https://t.co/El5PvDjJAb
@AdliceSoftware
18 Apr 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet - https://t.co/h2MlF69GbE
@moton
18 Apr 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai variant Nexcorium exploits TBK DVR bug (CVE-2024-3721) and EoL TP-Link routers for DDoS. Multi-arch binaries, 'Nexus Team' traffic tag. Unpatched IoT keeps paying botnet dividends. https://t.co/pqaXvYCJam #infosec #IoT #Mirai #DDoS
@CyberDaily_News
18 Apr 2026
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Criminals are exploiting security flaws in TBK DVR security cameras and old TP-Link Wi-Fi routers to install Mirai botnet malware — software that hijacks your device to launch attacks against other targets. The TBK flaw (CVE-2024-3721) has been exploited for over a year. The
@cybernewslive
18 Apr 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Nexcorium Mirai variant exploits CVE-2024-3721 in TBK DVRs and end-of-life TP-Link routers for DDoS botnet expansion. Multi-architecture malware uses XOR encoding and embeds CVE-2017-17215 exploits. #DFIR_Radar https://t.co/s8rwl3TQkG
@DFIR_Radar
18 Apr 2026
324 Impressions
1 Retweet
6 Likes
1 Bookmark
1 Reply
0 Quotes
🔴 Cautious · 🛡️ Safety 🤖 Mirai Variant Nexcorium Exploiting TBK DVR Vulnerability for Botnet Activities 🔗 Source: The Hacker News A new Mirai variant, dubbed Nexcorium, has emerged, actively exploiting the CVE-2024-3721 vulnerability to compromise TBK digital vid
@ElSapoLabs
18 Apr 2026
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Nexcorium Mirai variant exploits CVE-2024-3721 to hijack IoT devices for DDoS botnet Command injection + multi-arch payload + brute-force spread → persistent large-scale botnet 💡 Lesson: Modern botnets = exploit + credential abuse + persistence ⚠️ Action: Patch C
@VivekIntel
18 Apr 2026
1089 Impressions
4 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
Cybersecurity researchers at Fortinet's FortiGuard Labs have identified a new Mirai variant, Nexcorium, targeting DVR devices, particularly TBK DVR-4104 and DVR-4216 models, exploiting CVE-2024-3721. https://t.co/ItPFAWiokr
@securityRSS
18 Apr 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apr 18, 2026 🚨 New Mirai variant Nexcorium is exploiting CVE-2024-3721 to hijack TBK DVRs and EoL TP-Link routers for DDoS attacks. Stay vigilant! https://t.co/XVV3mBqbOB
@kernyx64
18 Apr 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/pfTqB88k67
@Dinosn
18 Apr 2026
1436 Impressions
4 Retweets
10 Likes
0 Bookmarks
1 Reply
0 Quotes
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet https://t.co/bZZOJYvwU7 https://t.co/gsTrheU3PE
@TonyBeeTweets
18 Apr 2026
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BREAKING: Mirai-variant Nexcorium hijacks TBK DVR-4104 and DVR-4216 via CVE-2024-3721 to build global IoT DDoS botnet using default passwords and brute-force logins. https://t.co/kE7ruljGjL
@threatcluster
18 Apr 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes