The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
References
Link | Resource |
---|---|
https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/ | Patch Vendor Advisory |
Information
Published : 2022-12-19 08:15
Updated : 2022-12-29 10:46
NVD link : CVE-2022-28173
Mitre link : CVE-2022-28173
JSON object : View
CWE
Products Affected
hikvision
- ds-3wf0ac-2nt_firmware
- ds-3wf01c-2n\/o_firmware
- ds-3wf0ac-2nt
- ds-3wf01c-2n\/o