216 matches found
CVE-2023-6894 Hikvision Intercom Broadcasting System Log File system.html information disclosure
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK. It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has...
CVE-2023-6894
The CVE-2023-6894 entry concerns Hikvision Intercom Broadcasting System 3.0.3_20201113 RELEASE (HIK) with vulnerability in the Log File Handler’s file system.html (access/html/system.html). The exploit enables information disclosure through manipulation of that component. Multiple sources confirm...
CVE-2023-6893
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input...
Path traversal
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input...
CVE-2023-6893 Hikvision Intercom Broadcasting System exportrecord.php path traversal
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input...
CVE-2023-6893
Hikvision Intercom Broadcasting System 3.0.3 has a path traversal flaw in /php/exportrecord.php via the downname parameter (input like C:\ICPAS\Wnmp\WWW\php\conversion.php). The vulnerability is publicly disclosed; impact is path traversal. Upgrading to version 4.1.0 mitigates the issue. Some con...
PT-2023-32804 · Hikvision · Hikvision Intercom Broadcasting System
Name of the Vulnerable Software and Affected Versions: Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASEHIK Description: A vulnerability was found in the Log File Handler component, affecting an unknown part of the file access/html/system.html. The manipulation leads to...
Hikvision Intercom Broadcasting System Path Traversal Vulnerability
Hikvision Intercom Broadcasting System is an intercom broadcasting system from Hikvision China. A path traversal vulnerability exists in Hikvision Intercom Broadcasting System version 3.0.320201113RELEASE HIK, which stems from a path traversal caused by the downname parameter in file...
Hikvision Intercom Broadcasting System Operating System Command Injection Vulnerability
Hikvision Intercom Broadcasting System is an intercom broadcasting system from Hikvision China. An operating system command injection vulnerability exists in Hikvision Intercom Broadcasting System version 3.0.320201113RELEASE HIK, which stems from the parameter jsondataip in the file /php/ping.ph...
PT-2023-32805
Name of the Vulnerable Software and Affected Versions: Hikvision Intercom Broadcasting System versions 3.0.3 20201113 RELEASEHIK Description: A critical issue exists in Hikvision Intercom Broadcasting System. The issue affects unknown code within the /php/ping.php file. Manipulating the jsondataip...
Hikvision Intercom Broadcasting System Information Disclosure Vulnerability
Hikvision Intercom Broadcasting System is an intercom broadcasting system from Hikvision China. An information disclosure vulnerability exists in Hikvision Intercom Broadcasting System version 3.0.320201113RELEASE HIK, which originates from the file access/html/system.html that can lead to...
Hikvision Access Control and Intercom Products
1. EXECUTIVE SUMMARY: CVSS v3 7.5. ATTENTION: Exploitable remotely. Vendor: Hikvision. Equipment: Access Control and Intercom Products. Vulnerabilities: Session Fixation, Improper Access Control. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could result in an attacker...
CVE-2023-21405
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...
CVE-2023-21405 Denial-of-Service vulnerability in Axis Network Door Controller's and Axis Network Intercom's OSDP communication
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...
CVE-2023-28810
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network...
CVE-2023-28810
CVE-2023-28810 — Hikvision access control/intercom products are affected by an improper access control vulnerability that allows unauthorized modification of device network configuration by sending specific data packets to a vulnerable interface within the same local network. The CISA ICS advisor...