Lucene search
K

16 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/30 6:7 a.m.2 views

Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials

Overview Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP.The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware...

6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.9 views

PT-2024-41474 · Hikvision · Ds-2Cd1Xxxg0 +11

Уязвимость реализации протокола HTTP служб DynDNS и NO-IP микропрограммного обеспечения IP-камер Hikvision связана с передачей конфиденциальной информации в незашифрованном виде. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить атаку типа «человек посередине»...

10CVSS7.3AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.11 views

Hikvision Cameras Buffer Overflow (CVE-2018-6413)

There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack service interruption via a crafted network setting interface request. This plugin only works with Tenable.ot. Plea...

7.5CVSS7.4AI score0.01739EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.22 views

Hikvision IP Cameras Buffer Overflow (CVE-2018-6414)

A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process. Thi...

9.8CVSS9.4AI score0.02274EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2023/07/24 2:48 p.m.32 views

Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware

CVE-2017-7921 - Hikvision Camera Series Improper Authenticatio...

10CVSS9.2AI score0.99998EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/12/07 4:3 a.m.43 views

New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network

NOTE: In this blog, Zerobot refers to a botnet that spreads primarily through IoT and web application vulnerabilities. It is not associated with the chatbot ZeroBot.ai. A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen...

7.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/03/15 12:0 a.m.7 views

The vulnerability of Hikvision’s IP cameras’ microprogramming software, related to authentication procedures that lack sufficient safeguards, allows intruders to exploit their privileges.

The vulnerability of Hikvision’s IP cameras related to microprogramming software lies in the deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized actors to enhance their privileges remotely...

10CVSS7.8AI score0.99998EPSS
Exploits11References10
CNVD
CNVD
added 2019/06/25 12:0 a.m.1 views

Hikvision camera has a logic flaw vulnerability

Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. A logic flaw vulnerability exists in Hikvision cameras, which can be exploited by an attacker to access the API without entering a password check...

7AI score
Exploits0
CNVD
CNVD
added 2019/06/25 12:0 a.m.1 views

Unauthorized Access Vulnerability in Hikvision Cameras

Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. An unauthorized access vulnerability exists in Hikvision cameras, which can be exploited by attackers to perform arbitrary operations...

7AI score
Exploits0
CNVD
CNVD
added 2019/03/24 12:0 a.m.2 views

Weak password vulnerability in Hikvision cameras

Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. A weak password vulnerability exists in Hikvision cameras from 2013 and earlier versions, which can be exploited by an attacker to remotely connect to and control the camera...

7AI score
Exploits0
CNVD
CNVD
added 2018/08/13 12:0 a.m.3 views

Buffer Overflow Vulnerability in Hikvision Network Cameras

HikVision IP Cameras are network camera products from Hikvision, a Chinese company. The HikVision IP Cameras suffer from a buffer overflow vulnerability that stems from a failure to adequately validate input information. An attacker can exploit the vulnerability by sending a specially crafted...

9.8CVSS9.8AI score0.02274EPSS
Exploits0
OSV
OSV
added 2017/12/01 5:29 p.m.3 views

CVE-2017-14953

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an...

6.5CVSS5.9AI score0.00492EPSS
Exploits2References2
CNVD
CNVD
added 2017/08/18 12:0 a.m.2 views

Unauthorized operation vulnerability in Hikvision webcam image setting interface

Hikvision DS-2CD2710F-I, DS-5C-I Series are network camera products developed by Hikvision China. An unauthorized operation vulnerability exists in the image setting interface of Hikvision network cameras, which fails to verify the legitimacy of parameters during reception and processing. An...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/08/18 12:0 a.m.3 views

Hikvision has design logic flaws

Hikvision DS-2CD2710F-I, DS-5C-I Series are network camera products developed by Hikvision China. A design logic vulnerability exists in Hikvision that fails to properly check for erroneous parameters when receiving and processing standard parameters. An attacker could exploit the vulnerability t...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/05/19 12:0 a.m.4 views

Hikvision Various Camera Configuration File Password Vulnerability

Hikvision DS-2CD2xx2F-I Series and others are webcam products from Hikvision, China. A configuration file password vulnerability exists in a number of Hikvision cameras, which can be exploited by an attacker to allow a user to elevate privileges or impersonate another user in order to access...

8.8CVSS6.9AI score0.0233EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/06 12:0 a.m.5 views

Multiple Hikvision Cameras Incorrect Authentication Vulnerability

Hikvision Cameras is a camera made by Hikvision. An incorrect authentication vulnerability exists in multiple Hikvision Cameras. An attacker could exploit this vulnerability to obtain sensitive information, bypass authentication mechanisms, and compromise a user's account...

10CVSS7AI score0.99998EPSS
Exploits11References1
Rows per page
Query Builder