Hikvision DS-2CD7153-E IP Camera has Privilege Escalation
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd7153-e_firmware | 4.1.0_b130111 |
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd7153-e_firmware | - |
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd7153-e | - |
| hikvision | ds-2cd7153-e_firmware | 4.1.0_b130111 |
Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorization header.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | dvr_ds-7204_firmware | 2.2.10 |
Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the PSIA issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-77xxx_series_firmware | * |
| hikvision | ds-76xxx_series_firmware | * |
Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the ISAPI issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-77xxx_series_firmware | * |
| hikvision | ds-76xxx_series_firmware | * |
Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the SDK issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-77xxx_series_firmware | * |
| hikvision | ds-76xxx_series_firmware | * |
Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ivms-4200 | * |
HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product
CVSS 2.0
Severity: LOW
Problem Type: CWE-311,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd2432f-iw_firmware | * |
An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd2332-i_firmware | - |
| hikvision | ds-2cd4332fwd-i(h)_firmware | - |
| hikvision | ds-2cd4212f-i(h)_firmware | - |
| hikvision | ds-2cd2512f-i(s)_firmware | - |
| hikvision | ds-2cd4212fwd-i(z)_firmware | - |
| hikvision | ds-2cd63xx_series_firmware | - |
| hikvision | ds-2dfx_series_firmware | - |
| hikvision | ds-2cd4324f-i(s)_firmware | - |
| hikvision | ds-2cd4212f-i(s)_firmware | - |
| hikvision | ds-2cd2632f-i(s)_firmware | - |
| hikvision | ds-2cd4232fwd-i(h)_firmware | - |
| hikvision | ds-2cd2232-i5_firmware | - |
| hikvision | ds-2cd4032fwd-(a)_firmware | - |
| hikvision | ds-2cd2212-i5_firmware | - |
| hikvision | ds-2cd4312f-i(s)_firmware | - |
| hikvision | ds-2cd4224f-i(s)_firmware | - |
| hikvision | ds-2cd2732f-i(s)_firmware | - |
| hikvision | ds-2cd2t32-i5_firmware | - |
| hikvision | ds-2cd4312f-i(h)_firmware | - |
| hikvision | ds-2cd2712f-i(s)_firmware | - |
| hikvision | ds-2cd4024f-(w)_firmware | - |
| hikvision | ds-2cd4124f-i(z)_firmware | - |
| hikvision | ds-2cd4312f-i(z)_firmware | - |
| hikvision | ds-2cd4224f-i(z)_firmware | - |
| hikvision | ds-2cd4332fwd-i(z)_firmware | - |
| hikvision | ds-2cd6412fwd_firmware | - |
| hikvision | ds-2cd4024f-(p)_firmware | - |
| hikvision | ds-2cd4324f-i(z)_firmware | - |
| hikvision | ds-2cd4032fwd-(w)_firmware | - |
| hikvision | ds-2cd4024f-(a)_firmware | - |
| hikvision | ds-2cd2112-i_firmware | - |
| hikvision | ds-2cd4232fwd-i(z)_firmware | - |
| hikvision | ds-2cd2t32-i3_firmware | - |
| hikvision | ds-2cd4012fwd-(a)_firmware | - |
| hikvision | ds-2cd4212fwd-i(s)_firmware | - |
| hikvision | ds-2cd2412f-i(w)_firmware | - |
| hikvision | ds-2cd4012f-(a)_firmware | - |
| hikvision | ds-2cd4012fwd-(p)_firmware | - |
| hikvision | ds-2cd4112f-i(z)_firmware | - |
| hikvision | ds-2cd4224f-i(h)_firmware | - |
| hikvision | ds-2cd4132fwd-i(z)_firmware | - |
| hikvision | ds-2cd4012f-(w)_firmware | - |
| hikvision | ds-2cd4112fwd-i(z)_firmware | - |
| hikvision | ds-2cd2312-i_firmware | - |
| hikvision | ds-2cd4232fwd-i(s)_firmware | - |
| hikvision | ds-2cd4212fwd-i(h)_firmware | - |
| hikvision | ds-2cd2432f-i(w)_firmware | - |
| hikvision | ds-2cd2532f-i(s)_firmware | - |
| hikvision | ds-2cd2t32-i8_firmware | - |
| hikvision | ds-2cd4212f-i(z)_firmware | - |
| hikvision | ds-2cd2132-i_firmware | - |
| hikvision | ds-2cd4012fwd-(w)_firmware | - |
| hikvision | ds-2cd4032fwd-(p)_firmware | - |
| hikvision | ds-2cd4012f-(p)_firmware | - |
| hikvision | ds-2cd4324f-i(h)_firmware | - |
| hikvision | ds-2cd2612f-i(s)_firmware | - |
| hikvision | ds-2cd2032-i_firmware | - |
| hikvision | ds-2cd4332fwd-i(s)_firmware | - |
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-260,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd2332-i_firmware | - |
| hikvision | ds-2cd4332fwd-i(h)_firmware | - |
| hikvision | ds-2cd4212f-i(h)_firmware | - |
| hikvision | ds-2cd2512f-i(s)_firmware | - |
| hikvision | ds-2cd4212fwd-i(z)_firmware | - |
| hikvision | ds-2cd63xx_series_firmware | - |
| hikvision | ds-2dfx_series_firmware | - |
| hikvision | ds-2cd4324f-i(s)_firmware | - |
| hikvision | ds-2cd4212f-i(s)_firmware | - |
| hikvision | ds-2cd2632f-i(s)_firmware | - |
| hikvision | ds-2cd4232fwd-i(h)_firmware | - |
| hikvision | ds-2cd2232-i5_firmware | - |
| hikvision | ds-2cd4032fwd-(a)_firmware | - |
| hikvision | ds-2cd2212-i5_firmware | - |
| hikvision | ds-2cd4312f-i(s)_firmware | - |
| hikvision | ds-2cd4224f-i(s)_firmware | - |
| hikvision | ds-2cd2732f-i(s)_firmware | - |
| hikvision | ds-2cd2t32-i5_firmware | - |
| hikvision | ds-2cd4312f-i(h)_firmware | - |
| hikvision | ds-2cd2712f-i(s)_firmware | - |
| hikvision | ds-2cd4024f-(w)_firmware | - |
| hikvision | ds-2cd4124f-i(z)_firmware | - |
| hikvision | ds-2cd4312f-i(z)_firmware | - |
| hikvision | ds-2cd4224f-i(z)_firmware | - |
| hikvision | ds-2cd4332fwd-i(z)_firmware | - |
| hikvision | ds-2cd6412fwd_firmware | - |
| hikvision | ds-2cd4024f-(p)_firmware | - |
| hikvision | ds-2cd4324f-i(z)_firmware | - |
| hikvision | ds-2cd4032fwd-(w)_firmware | - |
| hikvision | ds-2cd4024f-(a)_firmware | - |
| hikvision | ds-2cd2112-i_firmware | - |
| hikvision | ds-2cd4232fwd-i(z)_firmware | - |
| hikvision | ds-2cd2t32-i3_firmware | - |
| hikvision | ds-2cd4012fwd-(a)_firmware | - |
| hikvision | ds-2cd4212fwd-i(s)_firmware | - |
| hikvision | ds-2cd2412f-i(w)_firmware | - |
| hikvision | ds-2cd4012f-(a)_firmware | - |
| hikvision | ds-2cd4012fwd-(p)_firmware | - |
| hikvision | ds-2cd4112f-i(z)_firmware | - |
| hikvision | ds-2cd4224f-i(h)_firmware | - |
| hikvision | ds-2cd4132fwd-i(z)_firmware | - |
| hikvision | ds-2cd4012f-(w)_firmware | - |
| hikvision | ds-2cd4112fwd-i(z)_firmware | - |
| hikvision | ds-2cd2312-i_firmware | - |
| hikvision | ds-2cd4232fwd-i(s)_firmware | - |
| hikvision | ds-2cd4212fwd-i(h)_firmware | - |
| hikvision | ds-2cd2432f-i(w)_firmware | - |
| hikvision | ds-2cd2532f-i(s)_firmware | - |
| hikvision | ds-2cd2t32-i8_firmware | - |
| hikvision | ds-2cd4212f-i(z)_firmware | - |
| hikvision | ds-2cd2132-i_firmware | - |
| hikvision | ds-2cd4012fwd-(w)_firmware | - |
| hikvision | ds-2cd4032fwd-(p)_firmware | - |
| hikvision | ds-2cd4012f-(p)_firmware | - |
| hikvision | ds-2cd4324f-i(h)_firmware | - |
| hikvision | ds-2cd2612f-i(s)_firmware | - |
| hikvision | ds-2cd2032-i_firmware | - |
| hikvision | ds-2cd4332fwd-i(s)_firmware | - |
There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd9111-s_firmware | * |
A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ip_cameras | - |
Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogin/capabilities login attempts depending on whether the user account exists, which might make it easier to enumerate users. However, only about 4 or 5 failed logins are allowed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-307,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-7204hghi-f1_firmware | 4.0.1 |
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-2cd3023g2-iu_firmware | - |
| hikvision | ds-2cd3323g2-iu_firmware | - |
| hikvision | ds-2df5225x-ae3(t3)_firmware | - |
| hikvision | ds-2df8242ix-aelw(t3)_firmware | - |
| hikvision | ds-2td1117-2/pa_firmware | - |
| hikvision | ds-2cd2186g2-isu_firmware | - |
| hikvision | ds-2cd2547g2-ls_firmware | - |
| hikvision | ds-2cd3663g2-izs_firmware | - |
| hikvision | ds-2cd2063g2-i(u)_firmware | - |
| hikvision | ds-2cd2327g2-l(u)_firmware | - |
| hikvision | ds-2cd2323g2-i(u)_firmware | - |
| hikvision | ds-2cd2326g2-isu/sl_firmware | - |
| hikvision | ds-7616ni-q1_firmware | * |
| hikvision | ds-2cd3186g2-is(u)_firmware | - |
| hikvision | ds-2cd2526g2-is_firmware | - |
| hikvision | ds-2df7225ix-aelw(t3)_firmware | - |
| hikvision | ids-2vs435-f840-ey_firmware | - |
| hikvision | ds-2df5232x-ae3)t3)_firmware | - |
| hikvision | ds-2df6a436x-ael(t3)_firmware | - |
| hikvision | ds-2cd2121g1-i(w)_firmware | - |
| hikvision | ds-2cd2523g2-i(s)_firmware | - |
| hikvision | ds-2df7232ix-ael(t3)_firmware | - |
| hikvision | ds-2cd2783g2-izs_firmware | - |
| hikvision | ds-2cd2183g2-iu_firmware | - |
| hikvision | ds-2cd3756g2-izs_firmware | - |
| hikvision | ds-2df8242ix-ael(t5)_firmware | - |
| hikvision | ds-2cd2626g2-izsu/sl_firmware | - |
| hikvision | ds-2cd2083g2-i(u)_firmware | - |
| hikvision | ds-2cd2646g2-izsu/sl_firmware | - |
| hikvision | ptz-n2204i-de3_firmware | - |
| hikvision | ds-2df8442ixs-aelw(t5)_firmware | - |
| hikvision | ds-2td6267-100c4l/w_firmware | - |
| hikvision | ds-2df5232x-ael(t3)_firmware | - |
| hikvision | ds-2cd3763g2-izs_firmware | - |
| hikvision | ds-2xe6422fwd-izhrs_firmware | - |
| hikvision | ds-2df8242i5x-aelw(t3)_firmware | - |
| hikvision | ds-2df8a842ixs-ael(t5)_firmware | - |
| hikvision | ds-2td4167-25/w_firmware | - |
| hikvision | ds-2cd3556g2-is_firmware | - |
| hikvision | ds-2cd2121g1_firmware | - |
| hikvision | ds-2cd2683g2-izs_firmware | - |
| hikvision | ds-2cd3356g2-isu/sl_firmware | - |
| hikvision | ds-2cd3056g2-is_firmware | - |
| hikvision | ds-2df8436i5x-aelw(t3)_firmware | - |
| hikvision | ds-2cd2066g2-iu/sl_firmware | - |
| hikvision | ds-2cd2086g2-iu/sl_firmware | - |
| hikvision | ds-7108ni-q1/8p/m_firmware | * |
| hikvision | ds-2cd2543g2-i(ws)_firmware | - |
| hikvision | ds-2dy9240ix-a(t5)_firmware | - |
| hikvision | ds-2td8166-150zh2f/v2_firmware | - |
| hikvision | ptz-n2404i-de3_firmware | - |
| hikvision | ptz-n5225i-a_firmware | - |
| hikvision | ids-2sk8144ixs-d/j_firmware | - |
| hikvision | ds-2cd3656g2-izs_firmware | - |
| hikvision | ds-2cd2623g2-izs_firmware | - |
| hikvision | ds-2cd2121g0-i(w)(s)_firmware | - |
| hikvision | ds-2df6a836x-ael(t5)_firmware | - |
| hikvision | ds-2cd2027g2-lu/sl_firmware | - |
| hikvision | ds-2df6a436x-ael(t5)_firmware | - |
| hikvision | ds-2cd3526g2-is_firmware | - |
| hikvision | ptz-n4215i-de_firmware | - |
| hikvision | ds-2td8166-180ze2f/v2_firmware | - |
| hikvision | ds-2cd2346g2-isu/sl_firmware | - |
| hikvision | ds-7104ni-q1_firmware | * |
| hikvision | ds-2cd2046g2-iu/sl_firmware | - |
| hikvision | ds-2xe6442f-izhrs(b)_firmware | - |
| hikvision | ds-2df8225ih-ael(w)_firmware | - |
| hikvision | ds-2td6267-50h4l/w_firmware | - |
| hikvision | ds-2cd3126g2-is(u)_firmware | - |
| hikvision | ds-2cd3386g2-is(u)_firmware | - |
| hikvision | ds-2df8425ix-aelw(t3)_firmware | - |
| hikvision | ds-2dy92500x-a(t5)_firmware | - |
| hikvision | ds-2cd2023g2-i(u)_firmware | - |
| hikvision | ds-2cd2723g2-izs_firmware | - |
| hikvision | ds-2cd3356g2-is_firmware | - |
| hikvision | ds-2df8242i5x-ael(t3)_firmware | - |
| hikvision | ds-7616ni-q2_firmware | * |
| hikvision | ds-2cd2143g2-i(s)_firmware | - |
| hikvision | ds-2cd2183g2-i(u)_firmware | - |
| hikvision | ds-2df7232ix-aelw(t3)_firmware | - |
| hikvision | ds-2df8a442ixs-af/sp(t5)_firmware | - |
| hikvision | ds-2cd3586g2-is_firmware | - |
| hikvision | ds-7108ni-q1/m_firmware | * |
| hikvision | ds-2cd3056g2-iu/sl_firmware | - |
| hikvision | ds-2cd3623g2-izs_firmware | - |
| hikvision | ds-2cd2586g2-i(s)_firmware | - |
| hikvision | ds-2td8166-100c2f/v2_firmware | - |
| hikvision | ds-7608ni-q1_firmware | * |
| hikvision | ds-2cd3156g2-is(u)_firmware | - |
| hikvision | ds-2df8250i8x-ael(t3)_firmware | - |
| hikvision | ds-2cd3743g2-izs_firmware | - |
| hikvision | ds-2cd3363g2-iu_firmware | - |
| hikvision | ds-2df8442ixs-aelw(t2)_firmware | - |
| hikvision | ds-2cd2163g2-i(s)_firmware | - |
| hikvision | ds-2cd2166g2-i(su)_firmware | - |
| hikvision | ds-2df8a442ixs-aely(t5)_firmware | - |
| hikvision | ds-2cd2147g2-l(su)_firmware | - |
| hikvision | ds-2cd3143g2-i(s)u_firmware | - |
| hikvision | ds-2cd2786g2-izs_firmware | - |
| hikvision | ds-2td8166-75c2f/v2_firmware | - |
| hikvision | ds-2td8166-150ze2f/v2_firmware | - |
| hikvision | ds-2cd2366g2-i(u)_firmware | - |
| hikvision | ds-2cd2386g2-i(u)_firmware | - |
| hikvision | ptz-n4215-de3_firmware | - |
| hikvision | ds-2td1217b-3/pa_firmware | - |
| hikvision | ds-7604ni-q1_firmware | * |
| hikvision | ds-2cd3343g2-iu_firmware | - |
| hikvision | ds-2df6a436x-aely(t5)_firmware | - |
| hikvision | ds-7104ni-q1/4p_firmware | * |
| hikvision | ds-2df8a442ixs-ael(t2)_firmware | - |
| hikvision | ds-2dyh2a0ixs-d(t2)_firmware | - |
| hikvision | ds-7608ni-k1/8p/4g_firmware | * |
| hikvision | ds-7104ni-q1/4p/m_firmware | * |
| hikvision | ds-2cd2347g2-lsu/sl_firmware | - |
| hikvision | ds-2cd2766g2-izs_firmware | - |
| hikvision | ds-2cd2686g2-izsu/sl_firmware | - |
| hikvision | ds-2cd2421g0-i(d)w_firmware | - |
| hikvision | ds-2df8425ix-aelw(t5)_firmware | - |
| hikvision | ds-2df6a236x-ael(t3)_firmware | - |
| hikvision | ds-2cd2426g2-i_firmware | - |
| hikvision | ds-2td4167-50/w_firmware | - |
| hikvision | ds-2cd2321g0-i/nf_firmware | - |
| hikvision | ds-2cd3786g2-izs_firmware | - |
| hikvision | ds-2xe6482f-izhrs_firmware | - |
| hikvision | ds-2df6a825x-ael_firmware | - |
| hikvision | ds-7616ni-q2/16p_firmware | * |
| hikvision | ds-2td1117-6/pa_firmware | - |
| hikvision | ds-2cd2123g2-i(s)_firmware | - |
| hikvision | ds-2cd2143g2-iu_firmware | - |
| hikvision | ds-2xe6242f-is/316l(b)_firmware | - |
| hikvision | ds-2df8425ix-ael(t5)_firmware | - |
| hikvision | ds-2td6267-75c4l/wy_firmware | - |
| hikvision | ds-2cd2523g2-i(u)_firmware | - |
| hikvision | ds-7108ni-q1/8p_firmware | * |
| hikvision | ds-2cd2763g2-izs_firmware | - |
| hikvision | ds-2cd3523g2-is_firmware | - |
| hikvision | ds-7608ni-q2_firmware | * |
| hikvision | ds-2cd2123g2-iu_firmware | - |
| hikvision | ds-2td6237-50h4l/w_firmware | - |
| hikvision | ds-2td1117-3/pa_firmware | - |
| hikvision | ds-2td6266t-50h2l_firmware | - |
| hikvision | ds-2cd2347g2-l(u)_firmware | - |
| hikvision | ds-2cd3026g2-is_firmware | - |
| hikvision | ds-2cd2047g2-l(u)_firmware | - |
| hikvision | ds-2df7225ix-ael(t3)_firmware | - |
| hikvision | ds-7608ni-k1/8p_firmware | - |
| hikvision | ds-2df6a425x-ael(t3)_firmware | - |
| hikvision | ds-2cd2663g2-izs_firmware | - |
| hikvision | ds-2cd2526g2-i(s)_firmware | - |
| hikvision | ds-7104ni-q1/m_firmware | * |
| hikvision | ds-2cd3643g2-izs_firmware | - |
| hikvision | ds-2df8a442nxs-ael(t5)_firmware | - |
| hikvision | ds-2df8225ix-ael(t3)_firmware | - |
| hikvision | ids-2vs435-f840-ey(t3)_firmware | - |
| hikvision | ds-2df8242i5x-aelw(t5)_firmware | - |
| hikvision | ds-2cd2686g2-izs_firmware | - |
| hikvision | ds-2cd3543g2-is_firmware | - |
| hikvision | ds-2cd3126g2-is_firmware | - |
| hikvision | ds-2cd2183g2-i(s)_firmware | - |
| hikvision | ds-2td4137-50/w_firmware | - |
| hikvision | ds-2cd2127g2-(-su)_firmware | - |
| hikvision | ds-2cd2121g1-idw_firmware | - |
| hikvision | ds-2cd2086g2-i(u)_firmware | - |
| hikvision | ds-2dy9250izs-a(t5)_firmware | - |
| hikvision | ds-2cd3123g2-i(s)u_firmware | - |
| hikvision | ds-2dy9236i8x-a(t3)_firmware | - |
| hikvision | ds-2cd3386g2-is_firmware | - |
| hikvision | ds-2cd3326g2-isu/sl_firmware | - |
| hikvision | ds-7608ni-q2/8p_firmware | * |
| hikvision | ds-2cd2621g0-i(z)(s)_firmware | - |
| hikvision | ds-2cd3723g2-izs_firmware | - |
| hikvision | ds-2cd2547g2-lzs_firmware | - |
| hikvision | ds-2df8225ih-ael_firmware | - |
| hikvision | ds-2dy9236ix-a(t3)_firmware | - |
| hikvision | ds-2df8225ix-aelw(t5)_firmware | - |
| hikvision | ds-7608ni-k1/4g_firmware | - |
| hikvision | ds-2cd2066g2-i(u)_firmware | - |
| hikvision | ds-2td4136t-9_firmware | - |
| hikvision | ds-2td8167-190ze2f/wy_firmware | - |
| hikvision | ds-2td4137-25/w_firmware | - |
| hikvision | ds-2cd2386g2-isu/sl_firmware | - |
| hikvision | ds-2df8442ixs-ael(t5)_firmware | - |
| hikvision | ds-2cd3547g2-ls_firmware | - |
| hikvision | ds-2cd3156g2-is_firmware | - |
| hikvision | ds-2cd2383g2-i(u)_firmware | - |
| hikvision | ds-2cd2446g2-i_firmware | - |
| hikvision | ds-2cd2387g2-l(u)_firmware | - |
| hikvision | ds-2df5225x-ael(t3)_firmware | - |
| hikvision | ds-2cd2563g2-i(s)_firmware | - |
| hikvision | ds-2cd3063g2-iu_firmware | - |
| hikvision | ds-2td6267-100c4l/wy_firmware | - |
| hikvision | ds-2cd2643g2-izs_firmware | - |
| hikvision | ds-7108ni-q1_firmware | * |
| hikvision | ds-2cd3163g2-i(s)u_firmware | - |
| hikvision | ds-2df8a442ixs-ael(t5)_firmware | - |
| hikvision | ds-2td1217b-6/pa_firmware | - |
| hikvision | ds-2dy9236i8x-a_firmware | - |
| hikvision | ds-2cd3563g2-is_firmware | - |
| hikvision | ds-2td6266t-25h2l_firmware | - |
| hikvision | ds-7608ni-q1/8p_firmware | * |
| hikvision | ds-2td8167-190ze2f/w_firmware | - |
| hikvision | ds-2cd3686g2-izs_firmware | - |
| hikvision | ds-2cd2163g2-iu_firmware | - |
| hikvision | ds-2cd3043g2-iu_firmware | - |
| hikvision | ds-2dy9236x-a(t3)_firmware | - |
| hikvision | ds-2cd3026g2-iu/sl_firmware | - |
| hikvision | ds-2xe6452f-izh(r)s_firmware | - |
| hikvision | ds-2td6236t-50h2l_firmware | - |
| hikvision | ds-2cd2026g2-iu/sl_firmware | - |
| hikvision | ds-2td4166t-9_firmware | - |
| hikvision | ds-2td6237-75c4l/w_firmware | - |
| hikvision | ds-2cd2546g2-i(s)_firmware | - |
| hikvision | ds-2cd2343g2-i(u)_firmware | - |
| hikvision | ds-2cd2566g2-i(s)_firmware | - |
| hikvision | ds-2df8442ixs-aely(t5)_firmware | - |
| hikvision | ds-2cd2366g2-isu/sl_firmware | - |
| hikvision | ds-2df6a225x-ael)t3)_firmware | - |
| hikvision | ds-2cd2087g2-l(u)_firmware | - |
| hikvision | ds-2cd3047g2-ls_firmware | - |
| hikvision | ds-2cd2583g2-i(s)_firmware | - |
| hikvision | ds-2df8442ixs-aelwy(t5)_firmware | - |
| hikvision | ds-2df8236i5x-aelw_firmware | - |
| hikvision | ds-2cd3347g2-ls(u)_firmware | - |
| hikvision | ds-2df8225ix-aelw(t3)_firmware | - |
| hikvision | ids-2sk718mxs-d_firmware | - |
| hikvision | ds-2cd3356g2-is(u)_firmware | - |
| hikvision | ds-2cd2043g2-i(u)_firmware | - |
| hikvision | ds-2cd2186g2-i(su)_firmware | - |
| hikvision | ds-2cd3726g2-izs_firmware | - |
| hikvision | ds-760ni-k1/4p_firmware | - |
| hikvision | ds-7616ni-k1_firmware | * |
| hikvision | ds-2cd3056g2iu/sl_firmware | - |
| hikvision | ds-2cd3626g2-izs_firmware | - |
| hikvision | ds-7608ni-k1_firmware | - |
| hikvision | ds-2df8225ix-ael(t5)_firmware | - |
| hikvision | ds-2td8167-230zg2f/w_firmware | - |
| hikvision | ds-2cd2527g2-ls_firmware | - |
| hikvision | ds-2cd2721g0-i(z)(s)_firmware | - |
| hikvision | ds-2td6267-75c4l/w_firmware | - |
| hikvision | ds-2td8167-230zg2f/wy_firmware | - |
| hikvision | ds-7604ni-q1/4p_firmware | * |
| hikvision | ds-2df8425ix-ael(t3)_firmware | - |
| hikvision | ds-2cd2027g2-l(u)_firmware | - |
| hikvision | ds-2df8242ix-aely(t3)_firmware | - |
| hikvision | ds-7604ni-k1/4p/4g_firmware | - |
| hikvision | ds-2cd2363g2-i(u)_firmware | - |
| hikvision | ids-2pt9a144mxs-d/t2_firmware | - |
| hikvision | ds-2cd2021g1-i(w)_firmware | - |
| hikvision | ds-2td8167-150zc4f/w_firmware | - |
| hikvision | ds-2cd3086g2-is_firmware | - |
| hikvision | ds-2cd2421g0-i(d)(w)_firmware | - |
| hikvision | ds-7604ni-k1_firmware | - |
| hikvision | ptz-n4225i-de_firmware | - |
| hikvision | ds-2cd2666g2-izsu/sl_firmware | - |
| hikvision | ds-2cd2743g2-izs_firmware | - |
| hikvision | ds-2cd2666g2-izs_firmware | - |
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| hsrc@hikvision.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-a81016s_firmware | * |
| hikvision | ds-a80316s_firmware | * |
| hikvision | ds-a71024_firmware | * |
| hikvision | ds-a71048r-cvs_firmware | * |
| hikvision | ds-a80624s_firmware | * |
| hikvision | ds-a72024_firmware | * |
| hikvision | ds-a72072r_firmware | * |
| hikvision | ds-a72048r-cvs_firmware | * |
| hikvision | ds-a82024d_firmware | * |
| hikvision | ds-a71072r_firmware | * |
| hikvision | ds-a71048_firmware | * |
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| hsrc@hikvision.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-a81016s_firmware | * |
| hikvision | ds-a80316s_firmware | * |
| hikvision | ds-a71024_firmware | * |
| hikvision | ds-a71048r-cvs_firmware | * |
| hikvision | ds-a80624s_firmware | * |
| hikvision | ds-a72024_firmware | * |
| hikvision | ds-a72072r_firmware | * |
| hikvision | ds-a72048r-cvs_firmware | * |
| hikvision | ds-a82024d_firmware | * |
| hikvision | ds-a71072r_firmware | * |
| hikvision | ds-a71048_firmware | * |
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-3wf0ac-2nt_firmware | * |
| hikvision | ds-3wf01c-2n/o_firmware | * |
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-a81016s_firmware | * |
| hikvision | ds-a80316s_firmware | * |
| hikvision | ds-a71024_firmware | * |
| hikvision | ds-a71048r-cvs_firmware | * |
| hikvision | ds-a80624s_firmware | * |
| hikvision | ds-a72024_firmware | * |
| hikvision | ds-a72072r_firmware | * |
| hikvision | ds-a82024d_firmware | * |
| hikvision | ds-a71072r_firmware | * |
| hikvision | ds-a71048_firmware | * |
| hikvision | ds-a72072r_firmware | - |
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-k1t671m_firmware | - |
| hikvision | ds-k1t671t_firmware | - |
| hikvision | ds-k1t671tmw_firmware | - |
| hikvision | ds-k1t804amf_firmware | - |
| hikvision | ds-k1t671tmf_firmware | - |
| hikvision | ds-k1t320efx_firmware | - |
| hikvision | ds-k1t320ewx_firmware | - |
| hikvision | ds-k1t320mfx_firmware | - |
| hikvision | ds-k1t341amf_firmware | - |
| hikvision | ds-k1t671tm_firmware | - |
| hikvision | ds-k1t671mf_firmware | - |
| hikvision | ds-k1t320mwx_firmware | - |
| hikvision | ds-k1t320mx_firmware | - |
| hikvision | ds-k1t320mfwx_firmware | - |
| hikvision | ds-k1t671tmfw_firmware | - |
| hikvision | ds-k1t343mx_firmware | - |
| hikvision | ds-k1t320efwx_firmware | - |
| hikvision | ds-k1t320ex_firmware | - |
| hikvision | ds-k1t341am_firmware | - |
| hikvision | ds-k1t343ewx_firmware | - |
| hikvision | ds-k1t343mwx_firmware | - |
| hikvision | ds-k1t341cm_firmware | - |
| hikvision | ds-k1t804af_firmware | - |
| hikvision | ds-k1t671tm-3xf_firmware | - |
| hikvision | ds-k1t343ex_firmware | - |
| hikvision | ds-k1t671_firmware | - |
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-k1t671mf_firmware | * |
| hikvision | ds-kh6351-te1_firmware | * |
| hikvision | ds-k1t343ewx_firmware | * |
| hikvision | ds-kh6320-wte1_firmware | * |
| hikvision | ds-k1t320efx_firmware | * |
| hikvision | ds-kh6220-le1_firmware | * |
| hikvision | ds-k1t320ex_firmware | * |
| hikvision | ds-kh6320-te1_firmware | * |
| hikvision | ds-k1t320mwx_firmware | * |
| hikvision | ds-k1t320mx_firmware | * |
| hikvision | ds-k1t343mwx_firmware | * |
| hikvision | ds-k1t343ex_firmware | * |
| hikvision | ds-k1t343mfx_firmware | * |
| hikvision | ds-k1t320ewx_firmware | * |
| hikvision | ds-kh6351-wte1_firmware | * |
| hikvision | ds-kh6320-le1_firmware | * |
| hikvision | ds-k1t343efwx_firmware | * |
| hikvision | ds-k1t343efx_firmware | * |
| hikvision | ds-k1t341am_firmware | * |
| hikvision | ds-k1t671m_firmware | * |
| hikvision | ds-k1t320mfx_firmware | * |
| hikvision | ds-k1t343mfwx_firmware | * |
| hikvision | ds-k1t671_firmware | * |
| hikvision | ds-kh9510-wte1(b)_firmware | * |
| hikvision | ds-kh8520-wte1_firmware | * |
| hikvision | ds-k1t804amf_firmware | * |
| hikvision | ds-kh6320-wtde1_firmware | * |
| hikvision | ds-kh6320-tde1_firmware | * |
| hikvision | ds-k1t320efwx_firmware | * |
| hikvision | ds-k1t343mx_firmware | * |
| hikvision | ds-kh63le1(b)_firmware | * |
| hikvision | ds-k1t341c_firmware | * |
| hikvision | ds-kh9310-wte1(b)_firmware | * |
| hikvision | ds-kh6350-wte1_firmware | * |
| hikvision | ds-k1t320mfwx_firmware | * |
| hikvision | ds-k1t804af_firmware | * |
| hikvision | ds-k1t341amf_firmware | * |
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
| hsrc@hikvision.com | 7.4 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.8 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | dvr_firmware | * |
| hikvision | nvr-208mh-c/8p(d)_firmware | * |
| hikvision | nvr-208mh-c(c)_firmware | * |
| hikvision | nvr-108mh-d(d)_firmware | * |
| hikvision | ds-7616ni-k1(c)_firmware | * |
| hikvision | ds-7608ni-k1/8p/4g(c)_firmware | * |
| hikvision | ds-7604ni-k1/4p/4g(c)_firmware | * |
| hikvision | ds-7616ni-q1(c)_firmware | * |
| hikvision | nvr-216mh-c(d)_firmware | * |
| hikvision | ds-7104ni-q1(d)_firmware | * |
| hikvision | ds-7608ni-q2/8p(c)_firmware | * |
| hikvision | nvr-108mh-c(c)_firmware | * |
| hikvision | nvr-104mh-d(c)_firmware | * |
| hikvision | ds-7608ni-q2(c)_firmware | * |
| hikvision | nvr-104mh-c/4p(d)_firmware | * |
| hikvision | nvr-108mh-d/8p(c)_firmware | * |
| hikvision | nvr-104mh-c(d)_firmware | * |
| hikvision | nvr-116mh-c(d)_firmware | * |
| hikvision | nvr-104mh-c(c)_firmware | * |
| hikvision | nvr-108mh-c(d)_firmware | * |
| hikvision | ds-7604ni-q1/4p(c)_firmware | * |
| hikvision | ds-7608ni-q1/8p(c)_firmware | * |
| hikvision | nvr-108h-d/8p(c)_firmware | * |
| hikvision | nvr-108h-d/8p(d)_firmware | * |
| hikvision | nvr-104mh-d(d)_firmware | * |
| hikvision | ds-7604ni-q1(c)_firmware | * |
| hikvision | nvr-216mh-c/16p(d)_firmware | * |
| hikvision | ds-7108ni-q1(d)_firmware | * |
| hikvision | nvr-108h-d(c)_firmware | * |
| hikvision | ds-7616ni-q2(c)_firmware | * |
| hikvision | nvr-116mh-c(c)_firmware | * |
| hikvision | ds-7104ni-q1(c)_firmware | * |
| hikvision | ds-7616ni-q2/16p(c)_firmware | * |
| hikvision | nvr-108mh-d(c)_firmware | * |
| hikvision | ds-7108ni-q1(c)_firmware | * |
| hikvision | nvr-108mh-c/8p(c)_firmware | * |
| hikvision | nvr-104mh-d/4p(c)_firmware | * |
| hikvision | ds-7608ni-k1/8p(c)_firmware | * |
| hikvision | ds-7604ni-k1(c)_firmware | * |
| hikvision | ds-7608ni-q1(c)_firmware | * |
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| hsrc@hikvision.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | localservicecomponents | * |
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 2.8 | 5.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | localservicecomponents | * |
Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119, allows attackers to execute arbitrary commands.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-d5b86rb/b_firmware | 2.3.0 |
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input C:\ICPAS\Wnmp\WWW\php\conversion.php leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248252.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cna@vuldb.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | intercom_broadcast_system | * |
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-248253 was assigned to this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| cna@vuldb.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | intercom_broadcast_system | * |
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-248254 is the identifier assigned to this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cna@vuldb.com | 6.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | intercom_broadcast_system | * |
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | hikcentral_professional | * |
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | hikcentral_professional | * |
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | hikcentral_master | * |
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | hikcentral_master | * |
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | hikcentral_professional | * |
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 6.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-7204hghi-f1_firmware | * |
| hikvision | ds-7104hghi-f1_firmware | * |
There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-7204hghi-f1_firmware | * |
| hikvision | ds-7104hghi-f1_firmware | * |
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hsrc@hikvision.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hikvision | ds-k1t342_firmware | * |
| hikvision | ds-k1t323_firmware | * |
| hikvision | ds-k1t804a_firmware | * |
| hikvision | ds-k1t6qt-f43_firmware | * |
| hikvision | ds-k1t331_firmware | * |
| hikvision | ds-k5671_firmware | * |
| hikvision | ds-k1t804b_firmware | * |
| hikvision | ds-k1t341b_firmware | * |
| hikvision | ds-k1t105a_firmware | * |
| hikvision | ds-k5033_firmware | * |
| hikvision | ds-k1t672_firmware | * |
| hikvision | ds-k1t341a_firmware | * |
| hikvision | ds-k1t671_firmware | * |
| hikvision | ds-k1t808_firmware | * |
| hikvision | ds-k1t673_firmware | * |
| hikvision | ds-k1t680_firmware | * |
| hikvision | ds-k1t981_firmware | * |
| hikvision | ds-k1t8005_firmware | * |
| hikvision | ds-k1t670_firmware | * |
| hikvision | ds-k1t344_firmware | * |
| hikvision | ds-k1t343_firmware | * |
| hikvision | ds-k1t201a_firmware | * |
| hikvision | ds-k1t321_firmware | * |
| hikvision | ds-k1t510_firmware | * |
| hikvision | ds-k1t341c_firmware | * |
| hikvision | ds-k1t320_firmware | * |
| hikvision | ds-k1t6qt-f72_firmware | * |
| hikvision | ds-k1t8003_firmware | * |