PT-2023-21984 · Hikvision · Ds-K1T320Xxx+24
Andres Hinnosaar
+1
·
Published
2023-06-15
·
Updated
2023-06-30
·
CVE-2023-28810
CVSS v3.1
4.3
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Access control/intercom products (affected versions not specified)
Description
The issue allows attackers to modify device network configuration by sending specific data packets to the vulnerable interface within the same local network. This can be done by exploiting the unauthorized modification of device network configuration vulnerability in access control/intercom products.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ds-K1T320Xxx
Ds-K1T341Axx
Ds-K1T341C
Ds-K1T343Xxx
Ds-K1T671Xxx
Ds-K1T804Axx
Ds-Kh63 Series
Ds-Kh9310-Wte1(B)
Ds-K1T320Efwx Firmware
Ds-K1T320Efx Firmware
Ds-K1T341Am Firmware
Ds-K1T341Amf Firmware
Ds-K1T343Efwx Firmware
Ds-K1T343Efx Firmware
Ds-K1T671 Firmware
Ds-K1T804Af Firmware
Ds-Kh6220-Le1 Firmware
Ds-Kh6320-Le1 Firmware
Ds-Kh6320-Tde1 Firmware
Ds-Kh6350-Wte1 Firmware
Ds-Kh6351-Te1 Firmware
Ds-Kh63Le1(B) Firmware
Ds-Kh8520-Wte1 Firmware
Ds-Kh9310-Wte1(B) Firmware
Ds-Kh9510-Wte1(B) Firmware