CVE-2025-7723 is a high-severity command injection vulnerability identified in TP-Link Systems Inc.'s VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2 network video recorders (NVRs). The vulnerability arises from improper neutralization of special elements used in operating system commands (CWE-78), allowing an authenticated attacker with high privileges to inject arbitrary OS commands. This flaw exists in firmware versions prior to 1.1.5 Build 250518 for VIGI NVR1104H-4P V1 and prior to 1.3.1 Build 250407 for VIGI NVR2016H-16MP V2. Exploitation requires authentication but no user interaction beyond that, and the vulnerability can lead to full compromise of the affected device. The CVSS 4.0 base score is 8.5, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity and no need for user interaction. The vulnerability does not currently have known exploits in the wild but poses a significant risk due to the critical role of NVRs in video surveillance infrastructure. Successful exploitation could allow attackers to execute arbitrary commands on the device, potentially leading to unauthorized access to video feeds, tampering with recordings, pivoting into internal networks, or causing denial of service. Given the nature of NVRs as security devices, this vulnerability undermines physical security monitoring and could facilitate broader attacks.

For European organizations, this vulnerability presents a substantial risk to physical security infrastructure, especially in sectors relying heavily on video surveillance such as critical infrastructure, transportation, government facilities, and large enterprises. Compromise of NVR devices could lead to unauthorized surveillance, manipulation or deletion of video evidence, and disruption of security operations. This could result in regulatory non-compliance, especially under GDPR where video data is considered personal data, leading to potential fines and reputational damage. Additionally, attackers could leverage compromised NVRs as footholds to infiltrate internal networks, increasing the risk of lateral movement and data breaches. The requirement for authentication limits remote exploitation but insider threats or compromised credentials could facilitate attacks. The high confidentiality, integrity, and availability impact means organizations must prioritize remediation to maintain security posture and trust in surveillance systems.

Organizations should immediately verify the firmware versions of their TP-Link VIGI NVR1104H-4P V1 and VIGI NVR2016H-16MP V2 devices and upgrade to versions 1.1.5 Build 250518 or later for the former, and 1.3.1 Build 250407 or later for the latter, once available. Until patches are applied, restrict administrative access to these devices to trusted networks and personnel only, employing network segmentation and strict access controls. Implement multi-factor authentication (MFA) for device management interfaces to reduce the risk of credential compromise. Monitor device logs and network traffic for unusual command execution patterns or unauthorized access attempts. Disable unnecessary services and interfaces on the NVRs to minimize attack surface. Regularly audit and rotate credentials associated with these devices. If possible, deploy intrusion detection systems (IDS) tuned to detect command injection attempts targeting these devices. Finally, maintain an inventory of all affected devices to ensure comprehensive coverage during remediation efforts.