CVE-2023-28811
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Affected (40)
Products: Hikvision: Nvr 216mh C(d) Firmware, Nvr 216mh C/16p(d) Firmware, Nvr 208mh C/8p(d) Firmware, Nvr 104mh C/4p(d) Firmware, Nvr 104mh C(d) Firmware, Nvr 108mh C(d) Firmware, Nvr 116mh C(d) Firmware, Ds 7104ni Q1(c) Firmware, Ds 7104ni Q1(d) Firmware, Ds 7108ni Q1(c) Firmware, Ds 7108ni Q1(d) Firmware, Nvr 104mh D(c) Firmware, Nvr 104mh D(d) Firmware, Nvr 108h D(c) Firmware, Nvr 108mh D(c) Firmware, Nvr 108mh D(d) Firmware, Nvr 104mh D/4p(c) Firmware, Nvr 108h D/8p(c) Firmware, Nvr 108h D/8p(d) Firmware, Nvr 108mh D/8p(c) Firmware, Ds 7604ni Q1(c) Firmware, Ds 7604ni Q1/4p(c) Firmware, Ds 7608ni Q1(c) Firmware, Ds 7608ni Q1/8p(c) Firmware, Ds 7608ni Q2(c) Firmware, Ds 7608ni Q2/8p(c) Firmware, Ds 7616ni Q1(c) Firmware, Ds 7616ni Q2/16p(c) Firmware, Ds 7616ni Q2(c) Firmware, Ds 7604ni K1(c) Firmware, Ds 7604ni K1/4p/4g(c) Firmware, Ds 7608ni K1/8p(c) Firmware, Ds 7608ni K1/8p/4g(c) Firmware, Ds 7616ni K1(c) Firmware, Nvr 208mh C(c) Firmware, Nvr 104mh C(c) Firmware, Nvr 108mh C(c) Firmware, Nvr 108mh C/8p(c) Firmware, Nvr 116mh C(c) Firmware, Dvr Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 216mh C(d) | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 216mh C/16p(d) | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 208mh C/8p(d) | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh C/4p(d) | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh C(d) | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh C(d) | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 116mh C(d) | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7104ni Q1(c) | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7104ni Q1(d) | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7108ni Q1(c) | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7108ni Q1(d) | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh D(c) | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh D(d) | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108h D(c) | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh D(c) | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh D(d) | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh D/4p(c) | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108h D/8p(c) | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108h D/8p(d) | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh D/8p(c) | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7604ni Q1(c) | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7604ni Q1/4p(c) | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni Q1(c) | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni Q1/8p(c) | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni Q2(c) | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni Q2/8p(c) | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7616ni Q1(c) | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7616ni Q2/16p(c) | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7616ni Q2(c) | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7604ni K1(c) | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7604ni K1/4p/4g(c) | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni K1/8p(c) | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7608ni K1/8p/4g(c) | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Ds 7616ni K1(c) | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 208mh C(c) | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 104mh C(c) | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh C(c) | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 108mh C/8p(c) | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
| Running on/with | Platform Versions |
|---|---|
Hikvision Nvr 116mh C(c) | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.1.60 |
References (2)
Source: hsrc@hikvision.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.