CVE-2022-28173

The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hikvision:ds-3wf0ac-2nt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-3wf0ac-2nt:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hikvision:ds-3wf01c-2n\/o_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-3wf01c-2n\/o:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-12-19 16:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-28173

Mitre link : CVE-2022-28173

CVE.ORG link : CVE-2022-28173


JSON object : View

Products Affected

hikvision

  • ds-3wf0ac-2nt
  • ds-3wf01c-2n\/o_firmware
  • ds-3wf0ac-2nt_firmware
  • ds-3wf01c-2n\/o
CWE
NVD-CWE-Other CWE-284

Improper Access Control