Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has released patched firmware for the highlighted flaw. Please refer to the hanwhavision security report for more information and solution."
References
Link | Resource |
---|---|
https://www.hanwhavision.com/wp-content/uploads/2023/11/Camera-Vulnerability-Report-CVE-2023-5747_20231113.pdf | Third Party Advisory |
https://www.hanwhavision.com/wp-content/uploads/2023/11/Camera-Vulnerability-Report-CVE-2023-5747_20231113.pdf | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 08:42
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.hanwhavision.com/wp-content/uploads/2023/11/Camera-Vulnerability-Report-CVE-2023-5747_20231113.pdf - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
17 Nov 2023, 13:51
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-347 | |
References | () https://www.hanwhavision.com/wp-content/uploads/2023/11/Camera-Vulnerability-Report-CVE-2023-5747_20231113.pdf - Third Party Advisory | |
First Time |
Hanwhavision wave Server Software
Hanwhavision pno-a6081r-e1t Firmware Hanwhavision Hanwhavision pno-a6081r-e2t Hanwhavision pno-a6081r-e1t Hanwhavision pno-a6081r-e2t Firmware |
|
CPE | cpe:2.3:a:hanwhavision:wave_server_software:*:*:*:*:*:*:*:* cpe:2.3:h:hanwhavision:pno-a6081r-e2t:-:*:*:*:*:*:*:* cpe:2.3:o:hanwhavision:pno-a6081r-e2t_firmware:2.21.02:*:*:*:*:*:*:* cpe:2.3:h:hanwhavision:pno-a6081r-e1t:-:*:*:*:*:*:*:* cpe:2.3:o:hanwhavision:pno-a6081r-e1t_firmware:2.21.02:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
13 Nov 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-13 08:15
Updated : 2024-11-21 08:42
NVD link : CVE-2023-5747
Mitre link : CVE-2023-5747
CVE.ORG link : CVE-2023-5747
JSON object : View
Products Affected
hanwhavision
- wave_server_software
- pno-a6081r-e2t_firmware
- pno-a6081r-e1t_firmware
- pno-a6081r-e1t
- pno-a6081r-e2t