CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-63408

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request (SSRF), or execute OS commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.2%

CVSS Severity

CVSS v3 Score 7.8

References

https://ispysoftware.github.io/Agent_API/
https://www.ericholub.com/blog/agent-dvr-rce/

Products affected by CVE-2025-63408

Ispyconnect » Agent Dvr » Version: 2.7.0.0

cpe:2.3:a:ispyconnect:agent_dvr:2.7.0.0
Ispyconnect » Agent Dvr » Version: 2.7.1.0

cpe:2.3:a:ispyconnect:agent_dvr:2.7.1.0
Ispyconnect » Agent Dvr » Version: 5.1.6.0

cpe:2.3:a:ispyconnect:agent_dvr:5.1.6.0
Ispyconnect » Agent Dvr » Version: 5.1.7.0

cpe:2.3:a:ispyconnect:agent_dvr:5.1.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-63408

Products

Pricing

Contact Us