Описание
badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. An attacker runs a crafted URL, nobody can access the web management page of the camera. and must manually restart the device or re-power it. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
Затрагиваемое ПО
Hanwhavision Ano-l6012r firmwareHanwhavision Ano-l6012rHanwhavision Ano-l6022r firmwareHanwhavision Ano-l6022rHanwhavision Anv-l6012r firmwareHanwhavision Anv-l6012rHanwhavision Ano-l6082r firmwareHanwhavision Ano-l6082rHanwhavision Ane-l6012r firmwareHanwhavision Ane-l6012rHanwhavision Anv-l6082r firmwareHanwhavision Anv-l6082rHanwhavision Ano-l7082r firmwareHanwhavision Ano-l7082rHanwhavision Ane-l7012r firmwareHanwhavision Ane-l7012rHanwhavision Anv-l7082r firmwareHanwhavision Anv-l7082rHanwhavision Ano-l7012r firmwareHanwhavision Ano-l7012rHanwhavision Ano-l7022r firmwareHanwhavision Ano-l7022rHanwhavision Anv-l7012r firmwareHanwhavision Anv-l7012rHanwhavision Pnm-c9022rv firmware
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Источники
https://www.hanwhavision.com/wp-content/uploads/2024/06/Camera-Vulnerability-Report-CVE-2023-5037-5038.pdfhttps://www.hanwhavision.com/wp-content/uploads/2024/06/Camera-Vulnerability-Report-CVE-2023-5037-5038.pdf