16 matches found
Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
Overview Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP.The user can select which to use on the GUI configuration page. Both the services provide their APIs accessible via HTTP and HTTPS, but old firmware...
PT-2024-41474 · Hikvision · Ds-2Cd1Xxxg0 +11
Уязвимость реализации протокола HTTP служб DynDNS и NO-IP микропрограммного обеспечения IP-камер Hikvision связана с передачей конфиденциальной информации в незашифрованном виде. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить атаку типа «человек посередине»...
Hikvision Cameras Buffer Overflow (CVE-2018-6413)
There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack service interruption via a crafted network setting interface request. This plugin only works with Tenable.ot. Plea...
Hikvision IP Cameras Buffer Overflow (CVE-2018-6414)
A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, successful exploit can corrupt memory and lead to arbitrary code execution or crash the process. Thi...
Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware
CVE-2017-7921 - Hikvision Camera Series Improper Authenticatio...
New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network
NOTE: In this blog, Zerobot refers to a botnet that spreads primarily through IoT and web application vulnerabilities. It is not associated with the chatbot ZeroBot.ai. A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen...
The vulnerability of Hikvision’s IP cameras’ microprogramming software, related to authentication procedures that lack sufficient safeguards, allows intruders to exploit their privileges.
The vulnerability of Hikvision’s IP cameras related to microprogramming software lies in the deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized actors to enhance their privileges remotely...
Hikvision camera has a logic flaw vulnerability
Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. A logic flaw vulnerability exists in Hikvision cameras, which can be exploited by an attacker to access the API without entering a password check...
Unauthorized Access Vulnerability in Hikvision Cameras
Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. An unauthorized access vulnerability exists in Hikvision cameras, which can be exploited by attackers to perform arbitrary operations...
Weak password vulnerability in Hikvision cameras
Hikvision is a video-centric IoT solution provider, offering integrated security, smart business and big data services. A weak password vulnerability exists in Hikvision cameras from 2013 and earlier versions, which can be exploited by an attacker to remotely connect to and control the camera...
Buffer Overflow Vulnerability in Hikvision Network Cameras
HikVision IP Cameras are network camera products from Hikvision, a Chinese company. The HikVision IP Cameras suffer from a buffer overflow vulnerability that stems from a failure to adequately validate input information. An attacker can exploit the vulnerability by sending a specially crafted...
CVE-2017-14953
HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an...
Unauthorized operation vulnerability in Hikvision webcam image setting interface
Hikvision DS-2CD2710F-I, DS-5C-I Series are network camera products developed by Hikvision China. An unauthorized operation vulnerability exists in the image setting interface of Hikvision network cameras, which fails to verify the legitimacy of parameters during reception and processing. An...
Hikvision has design logic flaws
Hikvision DS-2CD2710F-I, DS-5C-I Series are network camera products developed by Hikvision China. A design logic vulnerability exists in Hikvision that fails to properly check for erroneous parameters when receiving and processing standard parameters. An attacker could exploit the vulnerability t...
Hikvision Various Camera Configuration File Password Vulnerability
Hikvision DS-2CD2xx2F-I Series and others are webcam products from Hikvision, China. A configuration file password vulnerability exists in a number of Hikvision cameras, which can be exploited by an attacker to allow a user to elevate privileges or impersonate another user in order to access...
Multiple Hikvision Cameras Incorrect Authentication Vulnerability
Hikvision Cameras is a camera made by Hikvision. An incorrect authentication vulnerability exists in multiple Hikvision Cameras. An attacker could exploit this vulnerability to obtain sensitive information, bypass authentication mechanisms, and compromise a user's account...