Ipc Hdbw2431r Zs S2 Firmware

ipc-hdbw2431r-zs-s2_firmware

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-30563 1Dahuasecurity 40Asi7213x T1 Firmware Asi7213x FirmwareAsi7223x A T1 Firmware+37 more Nov 21, 2024 Jun 28, 2022 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet.
CVE-2022-30562 1Dahuasecurity 40Asi7213x T1 Firmware Asi7213x FirmwareAsi7223x A T1 Firmware+37 more Nov 21, 2024 Jun 28, 2022 N/A· v4 4.7 MEDIUM· v3 4.0 MEDIUM· v2 If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results...Show more If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page.Show less
CVE-2022-30561 1Dahuasecurity 40Asi7213x T1 Firmware Asi7213x FirmwareAsi7223x A T1 Firmware+37 more Nov 21, 2024 Jun 28, 2022 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet.
CVE-2022-30560 1Dahuasecurity 40Asi7213x T1 Firmware Asi7213x FirmwareAsi7223x A T1 Firmware+37 more Nov 21, 2024 Jun 28, 2022 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.