Hikvision Intercom Broadcast System vulnerabilities
3 known vulnerabilities affecting hikvision/intercom_broadcast_system.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-6895P1CRITICALCVSS 9.8ExploitedPoC≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6895 [CRITICAL] CWE-78 CVE-2023-6895: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and m
nvd
CVE-2023-6893P2HIGHCVSS 7.5≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6893 [HIGH] CWE-22 CVE-2023-6893: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Affected by this issue is some unknown functionality of the file /php/exportrecord.php. The manipulation of the argument downname with the input C:\ICPAS\Wnmp\WWW\php\conversion.php leads to path traversal. The exploit has been di
nvd
CVE-2023-6894P3MEDIUMCVSS 6.5≥ 3.0.3, < 4.1.02023-12-17
CVE-2023-6894 [MEDIUM] CWE-200 CVE-2023-6894: A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been classified as problematic. This affects an unknown part of the file access/html/system.html of the component Log File Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. Upgrad
nvd