Hanwha Security

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-12223 1Hanwha Security 3Srn 1673s Firmware Srn 472s FirmwareSrn 873s Firmware Nov 21, 2024 Sep 5, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117...Show more An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The username triggers a buffer overflow in the main process controlling operation of the DVR system, rendering services unavailable during the reboot operation. A repeated attack affects availability as long as the attacker has network access to the device.Show less
CVE-2018-11689 2Hanwha Security Samsung 10Hrd 1641 Firmware Hrd 1642 FirmwareHrd 440 Firmware+7 more Nov 21, 2024 Jun 14, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsu...Show more Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)Show less
CVE-2018-6303 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Denial of service by uploading malformed firmware in Hanwha Techwin Smartcams
CVE-2018-6302 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams
CVE-2018-6301 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams
CVE-2018-6300 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Remote password change in Hanwha Techwin Smartcams
CVE-2018-6299 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Authentication bypass in Hanwha Techwin Smartcams
CVE-2018-6298 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Remote code execution in Hanwha Techwin Smartcams
CVE-2018-6297 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in Hanwha Techwin Smartcams
CVE-2018-6296 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An undocumented (hidden) capability for switching the web interface in Hanwha Techwin Smartcams
CVE-2018-6295 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
CVE-2018-6294 1Hanwha Security 2Snh V6410pn Firmware Snh V6410pnw Firmware Nov 21, 2024 Mar 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Unsecured way of firmware update in Hanwha Techwin Smartcams
CVE-2017-5169 1Hanwha Security 1Smart Security Manager May 13, 2026 Feb 13, 2017 N/A· v4 7.5 HIGH· v3 5.1 MEDIUM· v2 An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo se...Show more An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.Show less
CVE-2017-5168 1Hanwha Security 1Smart Security Manager May 13, 2026 Feb 13, 2017 N/A· v4 7.5 HIGH· v3 5.1 MEDIUM· v2 An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed...Show more An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.Show less