Search criteria
3 vulnerabilities found for ds-7108ni-q1\(c\)_firmware by hikvision
FKIE_CVE-2023-28811
Vulnerability from fkie_nvd - Published: 2023-11-23 07:15 - Updated: 2024-11-21 07:56
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-216mh-c\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2866C462-CAFE-4C36-8E56-D6E90E1AA05C",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-216mh-c\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FCA884-E56F-4BA6-B9F1-BFDB9B2CB7C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-216mh-c\\/16p\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF85CF4-A784-4016-8E6D-10D85805B1D9",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-216mh-c\\/16p\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D541596-7401-48CA-81CA-C0A51ADB7E9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-208mh-c\\/8p\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF49EAFA-0600-451A-B10B-B7D30561BEC5",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-208mh-c\\/8p\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDB452E-8872-402C-8F0D-048797D7DCE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-c\\/4p\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA12A4C1-1197-4BE5-9C5E-BBD3F2C56915",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-c\\/4p\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE816CA7-541F-43A2-AEB0-E7933539BFEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-c\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A899EA64-31F2-44E2-A34C-96190DD5CD2E",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-c\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "60D1E687-A3CA-40C9-ADB9-2BDE0F02D507",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-c\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CECFE7F-08FE-497A-B0AB-102BAAD6A97A",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-c\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87F821C-C4C9-440D-A707-D3CACA8AF01F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-116mh-c\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA9DB35-E758-436B-A4D5-55110EC6AE38",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-116mh-c\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD85111-5C2B-4BBB-A38A-530F33F88267",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7104ni-q1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB62A6E2-5707-4E98-B77F-B66C8D417160",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7104ni-q1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B03652C6-1B5D-4A06-961D-E539A11695F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7104ni-q1\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "376855CF-EFE0-4475-8A2F-F6917BBBC759",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7104ni-q1\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A0918C-0944-48AC-B2EC-B9F76BA470A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7108ni-q1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC46EA11-F556-4BCC-9C2B-ED8CB276F5F4",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7108ni-q1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F810ED-B8FC-489A-9CC7-1DF7F62D412A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7108ni-q1\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB3F868B-744E-4FAB-97FB-C0474312F5F3",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7108ni-q1\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0141B360-B87C-40CF-8AAC-C2C46D25779A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-d\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80FEBC09-58E5-4405-B77D-DB675A306215",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-d\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E164711-9E65-4FA9-B97E-99FC162FD80B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-d\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "883F8125-923C-47D4-8E5E-6B9412555793",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-d\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "07CD4DE7-18A4-4158-80C3-404A529C7371",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108h-d\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93AE98BC-C1CC-488C-86D8-518A3D075434",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108h-d\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A833AB3-14AC-4FEC-8932-3C40B854D0C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-d\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3B8968-5319-4281-970E-E54BF28964A9",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-d\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C19B9342-E287-442F-8C20-9242D7F8F557",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-d\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7F3C-CE13-45C8-AE09-A46D8B84EC0E",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-d\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCF9D96-3568-431E-B524-8D1ED3E6CB67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-d\\/4p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "404A345D-15F9-47D1-B7F9-09AA4F4F30CB",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-d\\/4p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA8BC89-DCDB-4888-868E-2A876A2BD566",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108h-d\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21E04072-4DA3-4755-B716-BAE2C99D431A",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108h-d\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "37613B35-63B9-40D4-999A-E154682B923C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108h-d\\/8p\\(d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92F3C03-341A-4D8F-AC49-0A7AD1890365",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108h-d\\/8p\\(d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "881ABC7F-FAE3-46C0-9DB1-B9FDB2AF882D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-d\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EDE8FF-2E93-484D-BEFB-76DC883B4F3E",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-d\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0589FDC3-C72C-49E9-9770-CB7941AF4F83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7604ni-q1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F2081D-8FC4-4202-A3D0-305C3AC9AFF0",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7604ni-q1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE75D7F-016C-4283-8C79-62C25EA7F6DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7604ni-q1\\/4p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAFF353-7447-4E3A-8A6D-F3A35FE63094",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7604ni-q1\\/4p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB14B267-05CD-4F1A-BC1B-51CA73F3F554",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-q1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE27F258-75A3-4C26-B18F-9DB56F091CAE",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-q1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "31969AAC-C947-41DF-BE80-AB60B446EC31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-q1\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F55B2DC-39D1-4836-B18A-238A4D8F31E6",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-q1\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "C558B77E-2B6B-49DD-B64B-00E7F2A8F19C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-q2\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D915E6F-0A2C-472F-9353-B053CA3A1E70",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-q2\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0102689C-DD24-47A1-A53B-4C220608FFCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-q2\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA110C5-A666-4A8B-B8A3-A86C428C4C43",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-q2\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "496E40B6-EED2-4B28-9142-EF064C90EDF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7616ni-q1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90BED1A9-7B25-4D3D-B015-0825E19AF672",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7616ni-q1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D77558E-9733-4C0B-9B00-56CCE691A2D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7616ni-q2\\/16p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3037FD6-9457-4AC9-9BC9-E49A3E6D3FEC",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7616ni-q2\\/16p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDD014F-549C-4ADD-B14F-27940DD52A83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7616ni-q2\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91BAC09E-FC54-468D-BF5D-847F3BB98979",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7616ni-q2\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F09D0-23AA-47E5-BB63-10483F2A934D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7604ni-k1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C6E27-CD1C-4817-823D-34178D49C618",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7604ni-k1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "903FAF50-4812-4F40-88BE-9607398621F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7604ni-k1\\/4p\\/4g\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD8A78F-0BD9-45B5-88CE-C031761B8600",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7604ni-k1\\/4p\\/4g\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "753D77F9-A091-4774-B9E8-EC25C7DE14F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-k1\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59F23962-60F7-405E-A190-93554F7BA864",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-k1\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B03EFB2C-A104-46F4-A9BD-1DA9FB9D465F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7608ni-k1\\/8p\\/4g\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43AC9816-A0E0-4FEB-BC84-A54FA63CA6F4",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7608ni-k1\\/8p\\/4g\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "31894565-AC5F-41EE-AA45-253F8212EB5E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:ds-7616ni-k1\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07D57007-8117-404B-8C51-A269144861D2",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:ds-7616ni-k1\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A11A0DC5-C7FE-4F17-8E5B-54A86F0D8D02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-208mh-c\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE41C2EF-67AA-4B68-9EDE-7F9D847BBE58",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-208mh-c\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C7B754-918D-4DF0-8342-0FD5107BB1EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-104mh-c\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C6A180-76FD-42FD-996C-2BD6A6B8228F",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-104mh-c\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE98FEEB-BBD8-47E8-9B5C-39ED7FE26903",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-c\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66649621-F6A2-436A-B1DC-2E425679E1F7",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-c\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9696985-6736-4429-AA2E-74B5E98A5414",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-108mh-c\\/8p\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3685B2-05A3-4FE7-BC12-018DDBEB6E00",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-108mh-c\\/8p\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E543F8E1-683F-4619-B851-046CE97E4C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:nvr-116mh-c\\(c\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF5DCCE-D9F0-4E37-AAF8-C3DAE5C0FAA0",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hikvision:nvr-116mh-c\\(c\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3689612-344B-4C08-9ABF-1AA349E0322B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hikvision:dvr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51572509-A13A-4BCA-9D9C-7265C5603FC3",
"versionEndExcluding": "4.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
},
{
"lang": "es",
"value": "Hay un desbordamiento del b\u00fafer en la funci\u00f3n de recuperaci\u00f3n de contrase\u00f1a de los modelos NVR/DVR de Hikvision. Si se explota, un atacante en la misma red de \u00e1rea local (LAN) podr\u00eda provocar un mal funcionamiento del dispositivo al enviar paquetes especialmente manipulados a un dispositivo sin parches."
}
],
"id": "CVE-2023-28811",
"lastModified": "2024-11-21T07:56:03.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "hsrc@hikvision.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-23T07:15:43.883",
"references": [
{
"source": "hsrc@hikvision.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"sourceIdentifier": "hsrc@hikvision.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from cvelistv5 – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI?
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity ?
7.4 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Peter Szot @IOActive
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from nvd – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI?
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity ?
7.4 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Peter Szot @IOActive
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}