cbcvebase.

Hikvision Intercom Broadcast System vulnerabilities

3 known vulnerabilities affecting hikvision/intercom_broadcast_system.

Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-6895P1CRITICALCVSS 9.8ExploitedPoC≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6895 [CRITICAL] CWE-78 CVE-2023-6895: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and m
nvd
CVE-2023-6893P2HIGHCVSS 7.5≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6893 [HIGH] CWE-22 CVE-2023-6893: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input C:\ICPAS\Wnmp\WWW\php\conversion.php leads to path traversal. The exploit has been di
nvd
CVE-2023-6894P3MEDIUMCVSS 6.5≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6894 [MEDIUM] CWE-200 CVE-2023-6894: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrad
nvd
Hikvision Intercom Broadcast System vulnerabilities | cvebase