The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
References
Configurations
History
21 Nov 2024, 06:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/ - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
Information
Published : 2022-12-19 16:15
Updated : 2024-11-21 06:56
NVD link : CVE-2022-28173
Mitre link : CVE-2022-28173
CVE.ORG link : CVE-2022-28173
JSON object : View
Products Affected
hikvision
- ds-3wf0ac-2nt
- ds-3wf0ac-2nt_firmware
- ds-3wf01c-2n\/o
- ds-3wf01c-2n\/o_firmware
CWE