Hanwhavision Xnp-6320H Firmware vulnerabilities

CVE-2025-52598 [MEDIUM] CWE-295 CVE-2025-52598: Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Sys Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

CVE-2025-52600 [MEDIUM] CWE-20 CVE-2025-52600: Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Sys Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the user's host PC.The manufacturer has released patch f

CVE-2025-52601 [MEDIUM] CWE-321 CVE-2025-52601: Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Sys Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. The manufacturer has released patch firmware for the

CVE-2025-8075 [MEDIUM] CWE-20 CVE-2025-8075: Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Sys Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manufacturer has released patch firmware for the flaw, plea

CVE-2025-52599 [MEDIUM] CWE-269 CVE-2025-52599: Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Sys Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

CVE-2023-31994 [MEDIUM] CVE-2023-31994: Certain Hanwha products are vulnerable to Denial of Service (DoS). ck vector is: When an empty UDP p Certain Hanwha products are vulnerable to Denial of Service (DoS). ck vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service (DoS) via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R 1.41.01 and IP Camera XNV-9082R 2.10.02.