PT-2023-32804 · Hikvision · Hikvision Intercom Broadcasting System

Willchen

Publicado

2023-12-17

Atualizado

2024-05-17

CVE-2023-6894

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASE(HIK)

Description A vulnerability was found in the Log File Handler component, affecting an unknown part of the file access/html/system.html. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used.

Recommendations For Hikvision Intercom Broadcasting System version 3.0.3 20201113 RELEASE(HIK), upgrade to version 4.1.0 to address this issue. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting access to the access/html/system.html file until the issue is resolved.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2023-6894

Produtos afetados

Hikvision Intercom Broadcasting System

PT-2023-32804 · Hikvision · Hikvision Intercom Broadcasting System

CVE-2023-6894

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8