216.73.217.98

CVE-2026-0854

· Published 12/01/2026 06:16 · Modified 13/01/2026 14:03

Labels: CVE-2026-0854 2026-01-12CVE-2026-0854CWE-78[email protected]

Essential information

Published
12/01/2026 06:16
Modified
13/01/2026 14:03
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
merit lilin / dvr nvr cpe:2.3:a:merit_lilin:dvr_nvr:*:*:*:*:*:*:*:*

References