CVE-2023-31995

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.5%

top 35.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

118

Hanwhavision Ane-l6012r Firmware Hanwhavision Ane-l7012r Firmware Hanwhavision Ano-l6012r Firmware +115 more

Timeline

PublishedMay 23

Description

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Cross Site Scripting (XSS).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages118 packages

▶NVDhanwhavision/ane-l7012r_firmware< 1.41.03

▶NVDhanwhavision/ano-l7012r_firmware< 1.41.03

▶NVDhanwhavision/anv-l7012r_firmware< 1.41.03

▶NVDhanwhavision/qnd-6011_firmware< 1.41.14

▶NVDhanwhavision/qnd-6021_firmware< 1.41.14

🔴Vulnerability Details

2

GHSA

GHSA-6p72-ffhg-f6hj: Hanwha IP Camera ANE-L7012R 1↗2023-05-23

▶

CVEList

CVE-2023-31995: Hanwha IP Camera ANE-L7012R 1↗2023-05-23

▶

CVE-2023-31995 (MEDIUM CVSS 5.4) | Hanwha IP Camera ANE-L7012R 1.41.01 | cvebase.io