PT-2019-8603 · Hanwha Techwin · Srn-4000

Published

2019-04-08

Updated

2019-10-09

CVE-2017-7912

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hanwha Techwin SRN-4000 versions prior to SRN4000 v2.16 170401

Description A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication.

Recommendations For versions prior to SRN4000 v2.16 170401, update the firmware to SRN4000 v2.16 170401 or later to resolve the issue.

Fix

Improper Access Control

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-287

Related Identifiers

CVE-2017-7912

Affected Products

Srn-4000

PT-2019-8603 · Hanwha Techwin · Srn-4000

CVE-2017-7912

Weakness Enumeration

Related Identifiers

Affected Products

References · 3