Search criteria
33 vulnerabilities by Hikvision
CVE-2024-58274 (GCVE-0-2024-58274)
Vulnerability from cvelistv5 – Published: 2025-10-22 00:00 – Updated: 2025-10-22 13:55
VLAI?
Summary
Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025.
Severity ?
8.3 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | CSMP iSecure Center |
Affected:
0 , ≤ 2024-08-01
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58274",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:55:11.718588Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:55:16.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://xz.aliyun.com/news/14639"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "CSMP iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"lessThanOrEqual": "2024-08-01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:45:04.855Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/ahisec/nuclei-tps/blob/main/http/vulnerabilities/hikvision/hikvision-csmp-installation-rce.yaml"
},
{
"url": "https://forum.butian.net/article/498"
},
{
"url": "https://xz.aliyun.com/news/14639"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-58274",
"datePublished": "2025-10-22T00:00:00.000Z",
"dateReserved": "2025-10-22T00:00:00.000Z",
"dateUpdated": "2025-10-22T13:55:16.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-53691 (GCVE-0-2023-53691)
Vulnerability from cvelistv5 – Published: 2025-10-22 00:00 – Updated: 2025-10-22 13:56
VLAI?
Summary
Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2023-06-25 allows file upload via /center/api/files directory traversal, as exploited in the wild in 2024 and 2025.
Severity ?
8.3 (High)
CWE
- CWE-24 - Path Traversal: '../filedir'
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | CSMP iSecure Center |
Affected:
0 , ≤ 2023-06-25
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-53691",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-22T13:56:40.313239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:56:44.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://zhuanlan.zhihu.com/p/639514473"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "CSMP iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"lessThanOrEqual": "2023-06-25",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2023-06-25 allows file upload via /center/api/files directory traversal, as exploited in the wild in 2024 and 2025."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:42:57.265Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://zhuanlan.zhihu.com/p/639514473"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-53691",
"datePublished": "2025-10-22T00:00:00.000Z",
"dateReserved": "2025-10-22T00:00:00.000Z",
"dateUpdated": "2025-10-22T13:56:44.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28815 (GCVE-0-2023-28815)
Vulnerability from cvelistv5 – Published: 2025-10-17 11:07 – Updated: 2025-10-17 12:10
VLAI?
Summary
Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on the system.iSecure Center is software released for China's domestic market only, with no overseas release.
Severity ?
9.8 (Critical)
CWE
- CWE-141 - Improper Neutralization of Parameter/Argument Delimiters
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | iSecure Center |
Affected:
V1.0.0 - V1.7.0
|
Credits
hsrc
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-17T12:10:12.884691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-141",
"description": "CWE-141 Improper Neutralization of Parameter/Argument Delimiters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T12:10:16.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.0.0 - V1.7.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "hsrc"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some versions of Hikvision\u0027s iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on the system.iSecure Center is software released for China\u0027s domestic market only, with no overseas release."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T11:07:26.306Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/2023-04/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28815",
"datePublished": "2025-10-17T11:07:26.306Z",
"dateReserved": "2023-03-23T19:49:08.441Z",
"dateUpdated": "2025-10-17T12:10:16.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28814 (GCVE-0-2023-28814)
Vulnerability from cvelistv5 – Published: 2025-10-17 11:07 – Updated: 2025-10-17 13:04
VLAI?
Summary
Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overseas release.
Severity ?
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | iSecure Center |
Affected:
V1.0.0 - V1.7.0
|
Credits
hsrc
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-17T13:04:13.622732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T13:04:24.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.0.0 - V1.7.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "hsrc"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some versions of Hikvision\u0027s iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China\u0027s domestic market only, with no overseas release."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T11:07:06.801Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/2023-03/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28814",
"datePublished": "2025-10-17T11:07:06.801Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2025-10-17T13:04:24.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39247 (GCVE-0-2025-39247)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:40 – Updated: 2025-08-29 13:32
VLAI?
Summary
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity ?
8.6 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions between V2.3.1 and V2.6.2
|
|||||||
|
|||||||||
Credits
Dr. Matthias Lutter
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:32:15.480416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:32:18.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.3.1 and V2.6.2"
}
]
},
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Version V3.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dr. Matthias Lutter"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:40:31.553Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39247",
"datePublished": "2025-08-29T01:40:31.553Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:32:18.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39246 (GCVE-0-2025-39246)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:39 – Updated: 2025-08-29 13:32
VLAI?
Summary
There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
5.3 (Medium)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral FocSign |
Affected:
Versions between V1.4.0 and V2.2.0
|
Credits
Eduardo Bido
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:32:36.393721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:32:53.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral FocSign",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V1.4.0 and V2.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eduardo Bido"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:39:53.653Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39246",
"datePublished": "2025-08-29T01:39:53.653Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:32:53.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39245 (GCVE-0-2025-39245)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:38 – Updated: 2025-08-29 13:33
VLAI?
Summary
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity ?
4.7 (Medium)
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions between V2.2.1 and V2.3.2
|
Credits
Yousef Alfuhaid
Nader Alharbi
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:33:21.122215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:33:42.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.2.1 and V2.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
},
{
"lang": "en",
"type": "finder",
"value": "Nader Alharbi"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:38:46.917Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39245",
"datePublished": "2025-08-29T01:38:46.917Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:33:42.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34067 (GCVE-0-2025-34067)
Vulnerability from cvelistv5 – Published: 2025-07-02 13:44 – Updated: 2025-11-20 18:33
VLAI?
Summary
An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.
Severity ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | Integrated Security Management Platform |
Affected:
0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34067",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T20:25:01.186074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T20:25:16.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"/bic/ssoService/v1/applyCT HTTP endpoint"
],
"product": "Integrated Security Management Platform",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson\u0027s auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.\u003c/p\u003e"
}
],
"value": "An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson\u0027s auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC."
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:33:11.267Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/HIKVISION/HIKVISION%20%E7%BB%BC%E5%90%88%E5%AE%89%E9%98%B2%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0%20applyCT%20Fastjson%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://s4e.io/tools/hikvision-applyct-remote-code-execution"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/hikvision-ismp-rce-applyct"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability"
],
"title": "Hikvision Integrated Security Management Platform Remote Command Execution via applyCT Fastjson",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34067",
"datePublished": "2025-07-02T13:44:21.664Z",
"dateReserved": "2025-04-15T19:15:22.549Z",
"dateUpdated": "2025-11-20T18:33:11.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39240 (GCVE-0-2025-39240)
Vulnerability from cvelistv5 – Published: 2025-06-13 07:10 – Updated: 2025-06-17 17:24
VLAI?
Summary
Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Hikvision | DS-3WAP622G-SI |
Affected:
V1.1.5402 build241014(E2254P02)and the versions prior to it
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
exzettabyte
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T15:15:35.438694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T17:24:32.221Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-3WAP622G-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP623E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"defaultStatus": "affected",
"product": "DS-3WAP521-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP522-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP621E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP622E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "exzettabyte"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T07:10:39.734Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/remote-command-execution-vulnerability-in-some-hikvision-wireless-access-point/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39240",
"datePublished": "2025-06-13T07:10:39.734Z",
"dateReserved": "2025-04-16T05:37:51.246Z",
"dateUpdated": "2025-06-17T17:24:32.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47486 (GCVE-0-2024-47486)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:33 – Updated: 2024-11-21 14:54
VLAI?
Summary
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions below V2.2.1 (including V2.2.1)
|
Credits
Yousef Alfuhaid
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T14:36:23.738242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:54:17.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V2.2.1 (including V2.2.1)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:33:07.095Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47486",
"datePublished": "2024-10-18T08:33:07.095Z",
"dateReserved": "2024-09-25T06:22:37.960Z",
"dateUpdated": "2024-11-21T14:54:17.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47487 (GCVE-0-2024-47487)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:32 – Updated: 2025-03-19 17:46
VLAI?
Summary
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions between V2.0.0 and V2.6.0
|
Credits
Manh Doan Duc
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47487",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T16:55:23.630917Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T17:46:20.453Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.0.0 and V2.6.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Manh Doan Duc"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:32:45.182Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47487",
"datePublished": "2024-10-18T08:32:45.182Z",
"dateReserved": "2024-09-25T06:22:37.961Z",
"dateUpdated": "2025-03-19T17:46:20.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47485 (GCVE-0-2024-47485)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:29 – Updated: 2025-03-13 15:44
VLAI?
Summary
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
Severity ?
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions between V2.0.0 and V2.2.1
|
Credits
Yousef Alfuhaid
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hikvision:hikcentral_master_lite:2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hikcentral_master_lite",
"vendor": "hikvision",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T13:39:24.820376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T15:44:47.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.0.0 and V2.2.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:29:38.392Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47485",
"datePublished": "2024-10-18T08:29:38.392Z",
"dateReserved": "2024-09-25T06:22:37.960Z",
"dateUpdated": "2025-03-13T15:44:47.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29949 (GCVE-0-2024-29949)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:07 – Updated: 2024-08-27 14:53
VLAI?
Summary
There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Hikvision | DS-7604NI-K1 / 4P(B) |
Affected:
V4.30.096build221220 and the versions prior to it
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
KITRI BoB 12th
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:hikvision:ds-7604ni-k1\\/4p\\(b\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-7604ni-k1\\/4p\\(b\\)",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V4.30.096build221220",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-76xxni-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-76xxni-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V5.02.006",
"status": "affected",
"version": "V5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-77xxni-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-77xxni-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-96xxxni-mxx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-96xxxni-mxx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-76xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-76xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-77xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-77xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-86xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-86xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-96xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-96xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-76xxnxi-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-76xxnxi-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-77xxnxi-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-77xxnxi-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-96xxxmxi-mxx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-96xxxmxi-mxx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-7604ni-m1\\/4p:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-7604ni-m1\\/4p",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.01.070",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29949",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-02T17:55:48.331613Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T14:53:55.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-7604NI-K1 / 4P(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.30.096build221220 and the versions prior to it"
}
]
},
{
"product": "DS-76xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"defaultStatus": "affected",
"product": "DS-77xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-96xxxNI-Mxx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-76xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-77xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-86xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-96xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-76xxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-77xxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-96xxxMXI-Mxx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-7604NI-M1/4P",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.01.070\uff08not including V5.01.070\uff09"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:07:41.449Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29949",
"datePublished": "2024-04-02T11:07:41.449Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-08-27T14:53:55.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29948 (GCVE-0-2024-29948)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:07 – Updated: 2024-11-06 21:00
VLAI?
Summary
There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | DS-7604NXI-K1/4P |
Affected:
V4.76.005 build231012 and the versions prior to it
|
Credits
KITRI BoB 12th
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T18:51:42.752876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:00:14.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "DS-7604NXI-K1/4P",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.76.005 build231012 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:07:04.983Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29948",
"datePublished": "2024-04-02T11:07:04.983Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-11-06T21:00:14.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29947 (GCVE-0-2024-29947)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:06 – Updated: 2024-10-31 15:01
VLAI?
Summary
There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | DS-7604NI-K1 / 4P(B) |
Affected:
V4.30.096build221220 and the versions prior to it
|
Credits
KITRI BoB 12th
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:16:59.495754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T15:01:23.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-7604NI-K1 / 4P(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.30.096build221220 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:13:32.060Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29947",
"datePublished": "2024-04-02T11:06:42.898Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-10-31T15:01:23.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25064 (GCVE-0-2024-25064)
Vulnerability from cvelistv5 – Published: 2024-03-02 02:56 – Updated: 2025-03-19 15:53
VLAI?
Summary
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
Severity ?
4.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions after V2.0.0 and before V2.5.1
|
Credits
Abdulazeez Omar
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25064",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T16:01:31.101506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:53:16.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V2.0.0 and before V2.5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdulazeez Omar"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-02T02:56:19.821Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-25064",
"datePublished": "2024-03-02T02:56:19.821Z",
"dateReserved": "2024-02-04T07:19:37.207Z",
"dateUpdated": "2025-03-19T15:53:16.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25063 (GCVE-0-2024-25063)
Vulnerability from cvelistv5 – Published: 2024-03-02 02:54 – Updated: 2025-03-27 15:19
VLAI?
Summary
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
Severity ?
7.5 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions below V2.5.1 (including V2.5.1)
|
Credits
Michael Dubell
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25063",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T19:37:09.001298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:19:11.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V2.5.1 (including V2.5.1)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Dubell"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-02T02:54:27.778Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-25063",
"datePublished": "2024-03-02T02:54:27.778Z",
"dateReserved": "2024-02-04T07:19:37.207Z",
"dateUpdated": "2025-03-27T15:19:11.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6895 (GCVE-0-2023-6895)
Vulnerability from cvelistv5 – Published: 2023-12-17 08:00 – Updated: 2024-11-21 14:28
VLAI?
Summary
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-248254 is the identifier assigned to this vulnerability.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-78 - OS Command Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | Intercom Broadcasting System |
Affected:
3.0.3_20201113_RELEASE(HIK)
|
Credits
willchen
willchen (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.248254"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.248254"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/willchen0011/cve/blob/main/rce.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6895",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T14:26:46.592466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:28:13.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intercom Broadcasting System",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "3.0.3_20201113_RELEASE(HIK)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "willchen"
},
{
"lang": "en",
"type": "analyst",
"value": "willchen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-248254 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "In Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /php/ping.php. Mittels Manipulieren des Arguments jsondata[ip] mit der Eingabe netstat -ano mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.1.0 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T09:06:44.657Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.248254"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.248254"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/willchen0011/cve/blob/main/rce.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-19T10:07:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "Hikvision Intercom Broadcasting System ping.php os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6895",
"datePublished": "2023-12-17T08:00:05.112Z",
"dateReserved": "2023-12-16T15:16:15.629Z",
"dateUpdated": "2024-11-21T14:28:13.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6894 (GCVE-0-2023-6894)
Vulnerability from cvelistv5 – Published: 2023-12-17 07:31 – Updated: 2025-05-07 20:41
VLAI?
Summary
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-248253 was assigned to this vulnerability.
Severity ?
4.3 (Medium)
4.3 (Medium)
CWE
- CWE-200 - Information Disclosure
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | Intercom Broadcasting System |
Affected:
3.0.3_20201113_RELEASE(HIK)
|
Credits
willchen
willchen (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.248253"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.248253"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/willchen0011/cve/blob/main/unaccess.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6894",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:41:09.788330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:41:21.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Log File Handler"
],
"product": "Intercom Broadcasting System",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "3.0.3_20201113_RELEASE(HIK)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "willchen"
},
{
"lang": "en",
"type": "analyst",
"value": "willchen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-248253 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) ausgemacht. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei access/html/system.html der Komponente Log File Handler. Mittels dem Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.1.0 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T09:06:40.842Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.248253"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.248253"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/willchen0011/cve/blob/main/unaccess.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-19T10:08:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Hikvision Intercom Broadcasting System Log File system.html information disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6894",
"datePublished": "2023-12-17T07:31:03.712Z",
"dateReserved": "2023-12-16T15:16:07.046Z",
"dateUpdated": "2025-05-07T20:41:21.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6893 (GCVE-0-2023-6893)
Vulnerability from cvelistv5 – Published: 2023-12-17 06:31 – Updated: 2024-08-02 08:42
VLAI?
Summary
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input C:\ICPAS\Wnmp\WWW\php\conversion.php leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248252.
Severity ?
4.3 (Medium)
4.3 (Medium)
CWE
- CWE-22 - Path Traversal
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | Intercom Broadcasting System |
Affected:
3.0.3_20201113_RELEASE(HIK)
|
Credits
willchen
willchen (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.248252"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.248252"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/willchen0011/cve/blob/main/download.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intercom Broadcasting System",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "3.0.3_20201113_RELEASE(HIK)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "willchen"
},
{
"lang": "en",
"type": "analyst",
"value": "willchen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input C:\\ICPAS\\Wnmp\\WWW\\php\\conversion.php leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248252."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /php/exportrecord.php. Durch Manipulation des Arguments downname mit der Eingabe C:\\ICPAS\\Wnmp\\WWW\\php\\conversion.php mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.1.0 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T09:06:43.687Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.248252"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.248252"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/willchen0011/cve/blob/main/download.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-12-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-19T10:08:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Hikvision Intercom Broadcasting System exportrecord.php path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-6893",
"datePublished": "2023-12-17T06:31:03.966Z",
"dateReserved": "2023-12-16T15:16:04.420Z",
"dateUpdated": "2024-08-02T08:42:08.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28813 (GCVE-0-2023-28813)
Vulnerability from cvelistv5 – Published: 2023-11-23 08:37 – Updated: 2024-08-02 13:51
VLAI?
Summary
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
Severity ?
8.1 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | LocalServiceComponents |
Affected:
version 1.0.0.78 and the versions prior to it
|
Credits
KITRI BoB 12th
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LocalServiceComponents",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "version 1.0.0.78 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T08:37:35.720Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28813",
"datePublished": "2023-11-23T08:37:35.720Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28812 (GCVE-0-2023-28812)
Vulnerability from cvelistv5 – Published: 2023-11-23 08:35 – Updated: 2024-12-02 19:42
VLAI?
Summary
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
Severity ?
9.1 (Critical)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hikvision | LocalServiceComponents |
Affected:
version 1.0.0.78 and the versions prior to it
|
Credits
KITRI BoB 12th
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:41:44.704597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T19:42:18.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "LocalServiceComponents",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "version 1.0.0.78 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T00:27:54.327174Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28812",
"datePublished": "2023-11-23T08:35:01.739Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-12-02T19:42:18.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from cvelistv5 – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI?
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity ?
7.4 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Peter Szot @IOActive
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28810 (GCVE-0-2023-28810)
Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-12 21:10
VLAI?
Summary
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
Severity ?
4.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-K1T804AXX |
Affected:
V1.4.0_build221212 , < V1.4.0_build221212
(custom)
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Credits
Peter Szot
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28810",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T21:10:21.294163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T21:10:28.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-K1T804AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.4.0_build221212",
"status": "affected",
"version": "V1.4.0_build221212",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T671XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T343XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.14.0_build230117",
"status": "affected",
"version": "V3.14.0_build230117",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341C",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.3.8_build230112",
"status": "affected",
"version": "V3.3.8_build230112",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T320XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.5.0_build220706",
"status": "affected",
"version": "V3.5.0_build220706",
"versionType": "custom"
}
]
},
{
"product": "DS-KH63 Series,DS-KH85 Series",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V2.2.8_build230219",
"status": "affected",
"version": "V2.2.8_build230219",
"versionType": "custom"
}
]
},
{
"product": "DS-KH9310-WTE1(B),DS-KH9510-WTE1(B)",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V2.1.76_build230204 ",
"status": "affected",
"version": "V2.1.76_build230204 ",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Peter Szot"
}
],
"datePublic": "2023-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-15T00:00:00",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/en/support/download/firmware/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28810",
"datePublished": "2023-06-15T00:00:00",
"dateReserved": "2023-03-23T00:00:00",
"dateUpdated": "2024-12-12T21:10:28.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28809 (GCVE-0-2023-28809)
Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-18 16:24
VLAI?
Summary
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
Severity ?
7.5 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-K1T804AXX |
Affected:
V1.4.0_build221212 , < V1.4.0_build221212
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
Andres Hinnosaar
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T16:22:10.570445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T16:24:05.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-K1T804AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.4.0_build221212",
"status": "affected",
"version": "V1.4.0_build221212",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341AXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T671XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.2.30_build221223",
"status": "affected",
"version": "V3.2.30_build221223",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T343XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.14.0_build230117",
"status": "affected",
"version": "V3.14.0_build230117",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T341C",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.3.8_build230112",
"status": "affected",
"version": "V3.3.8_build230112",
"versionType": "custom"
}
]
},
{
"product": "DS-K1T320XXX",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V3.5.0_build220706",
"status": "affected",
"version": "V3.5.0_build220706",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andres Hinnosaar"
}
],
"datePublic": "2023-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T16:06:26.704372",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/"
},
{
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/en/support/download/firmware/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28809",
"datePublished": "2023-06-15T00:00:00",
"dateReserved": "2023-03-23T00:00:00",
"dateUpdated": "2024-12-18T16:24:05.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28808 (GCVE-0-2023-28808)
Vulnerability from cvelistv5 – Published: 2023-04-11 00:00 – Updated: 2025-02-07 19:35
VLAI?
Summary
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Severity ?
9.1 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D |
Affected:
V2.X , ≤ V2.3.8-8
(custom)
|
|||||||
|
|||||||||
Credits
Souvik Kandar, Arko Dhar
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-cluster-stor/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T19:35:09.080119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T19:35:13.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V2.3.8-8",
"status": "affected",
"version": "V2.X",
"versionType": "custom"
}
]
},
{
"product": "DS-A71024/48R-CVS,DS-A72024/48R-CVS",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V1.1.4 ",
"status": "affected",
"version": "V1.X",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Souvik Kandar, Arko Dhar"
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T00:00:00.000Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-cluster-stor/"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/content/dam/hikvision/en/support/notice/security-notification-23-4-10/Fixing-Security-Vulnerability-of-Hybrid-SAN-230407.zip"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28808",
"datePublished": "2023-04-11T00:00:00.000Z",
"dateReserved": "2023-03-23T00:00:00.000Z",
"dateUpdated": "2025-02-07T19:35:13.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28173 (GCVE-0-2022-28173)
Vulnerability from cvelistv5 – Published: 2022-12-21 01:21 – Updated: 2025-04-16 14:41
VLAI?
Summary
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Severity ?
9.1 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-3WF0AC-2NT |
Affected:
V1.1.0 , < V1.1.0
(custom)
|
|||||||
|
|||||||||
Credits
Souvik Kandar, Arko Dhar
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-28173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:40:51.923495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:41:08.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-3WF0AC-2NT",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.1.0",
"status": "affected",
"version": "V1.1.0",
"versionType": "custom"
}
]
},
{
"product": "DS-3WF01C-2N/O",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V1.0.4",
"status": "affected",
"version": "V1.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Souvik Kandar, Arko Dhar"
}
],
"datePublic": "2022-12-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-19T00:00:00.000Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/content/dam/hikvision/en/support/cybersecyrity/security-advisory/DS-3WF0AC-2NT_V1.1.0-build220929_EN.bin"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2022-28173",
"datePublished": "2022-12-21T01:21:43.830Z",
"dateReserved": "2022-03-29T00:00:00.000Z",
"dateUpdated": "2025-04-16T14:41:08.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28172 (GCVE-0-2022-28172)
Vulnerability from cvelistv5 – Published: 2022-06-27 17:50 – Updated: 2024-09-17 01:10
VLAI?
Summary
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D |
Affected:
V2.X , ≤ V2.3.8-6
(custom)
|
|||||||
|
|||||||||
Credits
Thurein Soe
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-products/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/170818/Hikvision-Remote-Code-Execution-XSS-SQL-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V2.3.8-6",
"status": "affected",
"version": "V2.X",
"versionType": "custom"
}
]
},
{
"product": "DS-A71024/48R-CVS,DS-A72024/48R-CVS",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V1.1.4",
"status": "affected",
"version": "V1.X",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thurein Soe"
}
],
"datePublic": "2022-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-31T00:00:00",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-products/"
},
{
"url": "http://packetstormsecurity.com/files/170818/Hikvision-Remote-Code-Execution-XSS-SQL-Injection.html"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/content/dam/hikvision/en/support/cybersecyrity/security-advisory/Patch-for-Fixing-Security-Vulnerability-of-Hybrid-SAN-\u0026-Cluster-Storage.zip"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2022-28172",
"datePublished": "2022-06-27T17:50:40.922725Z",
"dateReserved": "2022-03-29T00:00:00",
"dateUpdated": "2024-09-17T01:10:46.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28171 (GCVE-0-2022-28171)
Vulnerability from cvelistv5 – Published: 2022-06-27 17:48 – Updated: 2024-09-16 17:03
VLAI?
Summary
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
Severity ?
7.5 (High)
CWE
- CWE-78 - OS Command Injection
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| hikvision | DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D |
Affected:
V2.X , ≤ V2.3.8-6
(custom)
|
|||||||
|
|||||||||
Credits
Thurein Soe
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-products/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/170818/Hikvision-Remote-Code-Execution-XSS-SQL-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173653/Hikvision-Hybrid-SAN-Ds-a71024-SQL-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V2.3.8-6",
"status": "affected",
"version": "V2.X",
"versionType": "custom"
}
]
},
{
"product": "DS-A71024/48R-CVS,DS-A72024/48R-CVS",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V1.1.4",
"status": "affected",
"version": "V1.X",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thurein Soe"
}
],
"datePublic": "2022-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-20T00:00:00",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-products/"
},
{
"url": "http://packetstormsecurity.com/files/170818/Hikvision-Remote-Code-Execution-XSS-SQL-Injection.html"
},
{
"url": "http://packetstormsecurity.com/files/173653/Hikvision-Hybrid-SAN-Ds-a71024-SQL-Injection.html"
}
],
"solutions": [
{
"lang": "en",
"value": "https://www.hikvision.com/content/dam/hikvision/en/support/cybersecyrity/security-advisory/Patch-for-Fixing-Security-Vulnerability-of-Hybrid-SAN-\u0026-Cluster-Storage.zip"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2022-28171",
"datePublished": "2022-06-27T17:48:51.569864Z",
"dateReserved": "2022-03-29T00:00:00",
"dateUpdated": "2024-09-16T17:03:49.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6414 (GCVE-0-2018-6414)
Vulnerability from cvelistv5 – Published: 2018-08-13 15:00 – Updated: 2024-08-05 06:01
VLAI?
Summary
A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| hikvision | DS-2DE4xxxW,DS-2DE5xxxW,DS-2DE7xxxW |
Affected:
V5.5.6 build180408 and previous versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--buffer-overflow-vulnerability-in-some-hik/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-2DE4xxxW,DS-2DE5xxxW,DS-2DE7xxxW",
"vendor": "hikvision",
"versions": [
{
"status": "affected",
"version": "V5.5.6 build180408 and previous versions"
}
]
}
],
"datePublic": "2018-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T20:15:28",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--buffer-overflow-vulnerability-in-some-hik/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hsrc@hikvision.com",
"ID": "CVE-2018-6414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DS-2DE4xxxW,DS-2DE5xxxW,DS-2DE7xxxW",
"version": {
"version_data": [
{
"version_value": "V5.5.6 build180408 and previous versions"
}
]
}
}
]
},
"vendor_name": "hikvision"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--buffer-overflow-vulnerability-in-some-hik/",
"refsource": "CONFIRM",
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--buffer-overflow-vulnerability-in-some-hik/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2018-6414",
"datePublished": "2018-08-13T15:00:00",
"dateReserved": "2018-01-31T00:00:00",
"dateUpdated": "2024-08-05T06:01:49.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}