Browse all 5 CVE security advisories affecting Merit LILIN. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Merit LILIN develops IP video surveillance solutions for security monitoring. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. Security researchers have identified multiple authentication bypass flaws and buffer overflow issues in their firmware. While no major public security incidents have been widely documented, the five CVEs on record highlight ongoing security concerns in their network video recorders and cameras, emphasizing the need for regular firmware updates and proper network segmentation to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-0855 | Merit LILIN|IP Camera - OS Command Injection — P2CWE-78 | 8.8 | High | 2026-01-12 |
| CVE-2026-0854 | Merit LILIN|NVR - OS Command Injection — DH032CWE-78 | 8.8 | High | 2026-01-12 |
| CVE-2025-34132 | LILIN DVR Command Injection via NTPUpdate in dvr_box — DVR FirmwareCWE-78 | 9.8AI | CriticalAI | 2025-07-16 |
| CVE-2025-34130 | LILIN DVR Arbitrary File Read via net_html.cgi — DVR FirmwareCWE-306 | 9.8AI | CriticalAI | 2025-07-16 |
| CVE-2025-34129 | LILIN DVR RCE via Malicious FTP/NTP Configuration — DVR FirmwareCWE-78 | 7.2AI | HighAI | 2025-07-16 |
This page lists every published CVE security advisory associated with Merit LILIN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.