Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.
https://www.rapid7.com/db/modules/auxiliary/scanner/misc/dvr_config_disclosure