Lucene search
Muhammad Navaid Zafar Ansari1337DAY-ID-38177HistoryFeb 01, 2023 - 12:00 a.m.
Hikvision Remote Code Execution / XSS / SQL Injection Vulnerabilities
2023-02-0100:00:00
Muhammad Navaid Zafar Ansari
0day.today
461
hikvision
surveillance
iot equipment
remote code execution
xss
sql injection
network
firmware
thurein soe
0.272 Low
EPSS
Percentile
96.8%
Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.
Detailed Information
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Product Name: Hikvision
Vendor Home Page: https://www.hikvision.com
Fixed Version: fixed versions were released by Hikvision
Vulnerability Type: CWE-78,89 and 94
CVE Numbers: CVE-2022-28171-CVE-2022-28172
Author of Advisory: Thurein Soe
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vendor Description:
Hikvision is a world-leading surveillance manufacturer and supplier of
video surveillance and Internet of Things (IoT) equipment for civilian and
military purposes.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vulnerability description:
Some Hikvision Hybrid SAN Products were vulnerable to multiple remote code
execution (command injection) vulnerabilities, including Reflected XSS,
Ruby code injection, classic and blind SQL injection resulting in remote
code execution that allows an adversary to execute arbitrary operating
system commands etc. However, an adversary must be on the same network to
leverage this vulnerability to execute arbitrary commands.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vulnerable Versions:
Ds-a71024 Firmware
Ds-a71024 Firmware
Ds-a71048r-cvs Firmware
Ds-a71048 Firmware
Ds-a71072r Firmware
Ds-a71072r Firmware
Ds-a72024 Firmware
Ds-a72024 Firmware
Ds-a72048r-cvs Firmware
Ds-a72072r Firmware
Ds-a80316s Firmware
Ds-a80624s Firmware
Ds-a81016s Firmware
Ds-a82024d Firmware
Ds-a71048r-cvs
Ds-a71024
Ds-a71048
Ds-a71072r
Ds-a80624s
Ds-a82024d
Ds-a80316s
Ds-a81016s
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Credits:
Thurein Soe
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
References:
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-hybrid-san-products/
https://cve.report/CVE-2022-28171
Related
nvd
nvd
CVE-2022-28171
2022-06-27 18:15:09
CVE-2022-28172
2022-06-27 18:15:09
cve
cve
CVE-2022-28171
2022-06-27 18:15:09
CVE-2022-28172
2022-06-27 18:15:09
zdt
zdt
prion
prion
Input validation
2022-06-27 18:15:00
Input validation
2022-06-27 18:15:00
cvelist
cvelist
CVE-2022-28171
2022-06-27 00:00:00
CVE-2022-28172
2022-06-27 00:00:00
cnvd
cnvd
Hikvision Hybrid SAN/Cluster Storage Cross-Site Scripting Vulnerability
2022-06-30 00:00:00
packetstorm
packetstorm
Hikvision Hybrid SAN Ds-a71024 SQL Injection
2023-07-20 00:00:00
exploitdb
exploitdb
Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution
2023-07-19 00:00:00