Lucene search
HikvisionCVELIST:CVE-2024-29949HistoryApr 02, 2024 - 11:07 a.m.
CVE-2024-29949
2024-04-0211:07:41
hikvision
www.cve.org
3
cve-2024-29949
command injection
hikvision nvrs
administrative rights
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
CNA Affected
[
{
"vendor": "Hikvision",
"product": "DS-7604NI-K1 / 4P(B)",
"versions": [
{
"version": "V4.30.096build221220 and the versions prior to it",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-76xxNI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-77xxNI-Mx",
"defaultStatus": "affected",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-96xxxNI-Mxx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-76xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-77xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-86xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-96xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-76xxNXI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-77xxNXI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-96xxxMXI-Mxx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-7604NI-M1/4P",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.01.070(not including V5.01.070)",
"status": "affected"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-29949
2024-04-02 11:07:41
nessus
nessus
Hikvision Video Recorders Out-of-bounds Read (CVE-2024-29949)
2024-07-22 00:00:00
nvd
nvd
CVE-2024-29949
2024-04-02 11:15:51
cve
cve
CVE-2024-29949
2024-04-02 11:15:51
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-29949