Security Advisory

CVE-2026-0854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-12 05:58:52

Last updated 2026-01-12 14:56:28

Assigner twcert

State PUBLISHED

Description

Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.

← Browse all CVEs View on cve.org ↗