(CVE-2017-8759 Update)
DVR Examiner
File source (download):
http://dmeforensics.com/getlatest
The DVR Examiner version 2.8.3 relies on the Microsoft .NET Framework version 4.6.2 that is vulnerable to remote code execution through an application (CVE-2017-8759).
The software has a compressed (23.7z) executable file (NDP462-KB3151800-x86-x64-AllOS-ENU.exe) that points to an untrusted source:
hxxps://download.microsoft.com/download/F/9/4/F942F07D-F26F-4F30-B4E3-EBD54FABA377/NDP462-KB3151800-x86-x64-AllOS-ENU.exe
hxxp://tsmovr.swehockey.se/install/dotnet4.exe
For which the correct addressed would be:
The Microsoft .NET Framework has also security vulnerabilities regarding how to handle web requests.
The software has a long list of GUID in use, that could allow privilege escalation. For example:
724EF170-A42D-4FEF-9F26-B60E846FBA4F
Additional References:
http://dmeforensics.com/dvr-examiner/
https://www.dell.com/support/home/ca/en/cabsdt1/drivers/driversdetails?driverid=t7d7y