Hikvision Ds-A71024 Firmware vulnerabilities
3 known vulnerabilities affecting hikvision/ds-a71024_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-28171P1CRITICALCVSS 9.8PoC≤ 2.3.8-6≤ 1.1.42022-06-27
CVE-2022-28171 [CRITICAL] CWE-78 CVE-2022-28171: The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vul
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
nvd
CVE-2023-28808P2CRITICALCVSS 9.8≤ 2.3.8-8≤ 1.1.42023-04-11
CVE-2023-28808 [CRITICAL] CWE-284 CVE-2023-28808: Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
nvd
CVE-2022-28172P4MEDIUMCVSS 6.1≤ 2.3.8-6≤ 1.1.42022-06-27
CVE-2022-28172 [MEDIUM] CWE-79 CVE-2022-28172: The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vul
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.
nvd