Due to many video surveillance NVR recording devices implementing Linux and Unix-derivative operating systems, SecurityHive thought it was important to post information about this known security vulnerability.

If you have an IP-based NVR solution in your environment, we encourage you to contact your manufacturer to determine if you need to take action to protect your system from this known issue.

From Wikipedia:
Shellshock, also known as Bashdoor (and bash bug), is a family of security bugs in the widely used Unix/Linux Bash shell utility, the first of which was disclosed on 24 September 2014.

Many Internet-facing services, such as some web server deployments, [and many NVR video surveillance recording devices] use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands.

This can allow an attacker to gain unauthorized access to a computer system.

St