Описание
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.
Уязвимые конфигурации
Конфигурация 1Версия до 4.30.122_201107 (включая)
Одновременно
cpe:2.3:o:hikvision:ds-7104hghi-f1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7104hghi-f1:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 4.30.122_201107 (включая)
Одновременно
cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 6.2
github
около 2 месяцев назад
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.
EPSS
Процентиль: 21%
0.00068
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-269