Lucene search
Hanwha_VisionCVELIST:CVE-2023-5037HistoryNov 13, 2023 - 7:42 a.m.
CVE-2023-5037 Authenticated Command Injection
2023-11-1307:42:00
CWE-78
Hanwha_Vision
www.cve.org
1
cve
2023
5037
security
vulnerability
7.1 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:N/VI:L/SI:N/VA:H/SA:N
0.0004 Low
EPSS
Percentile
9.8%
badmonkey, a Security Researcher has found a flaw that allows for a authenticated command injection on the camera. An attacker could inject malicious into request packets to execute command. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer’s report for details and workarounds.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "A-Series, Q-Series, PNM-series Camera",
"vendor": "Hanwha Vision Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Prior to version 1.41.16;Prior to version 2.22.00;"
}
]
}
]Related
nvd
nvd
CVE-2023-5037
2023-11-13 08:15:26
cve
cve
CVE-2023-5037
2023-11-13 08:15:26
prion
prion
Open redirect
2023-11-13 08:15:00
vulnrichment
vulnrichment
CVE-2023-5037 Authenticated Command Injection
2023-11-13 07:42:00
7.1 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:N/VI:L/SI:N/VA:H/SA:N
0.0004 Low
EPSS
Percentile
9.8%
Related for CVELIST:CVE-2023-5037