This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b93925f645f3fd5895f3fd5895f3fd5895f3fd589
Found HiSiliconDVR firmware: Hardware: General AHB8008T-GL Vulnerable to multiple issues : LFI, possibly RCE
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-11-02 12:54
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-11-01 08:45
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-10-30 07:11
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-10-20 17:15
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-10-16 12:56
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";
Open service 46.4.49.44:80 · 2219aca74a2250394a739e73.keenetic.io
2024-09-30 06:15
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var bCrossBrow=false; var bnpCheck = false; var ShowTipFlag=2; // var SupportFind=false; if(navigator.userAgent.indexOf('IE') < 0) { if(navigator.platform != "Win32")// { location="Login.htm"; } var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { //location="Login.htm"; bCrossBrow=true; var userla=navigator.browserLanguage; switch (browserMatch.browser) { case "firefox": if (compareBrowser(browserMatch.version,"52.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,某些功能将不能正常使用,请下载51.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 51.0 or earlier."); } location="Login.htm"; } break; case "opera": if (compareBrowser(browserMatch.version,"34.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载33.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 33.0 or earlier."); } location="Login.htm"; } break; case "chrome": if (compareBrowser(browserMatch.version,"45.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载44.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 44.0 or earlier."); } location="Login.htm"; } break; case "safari": if (compareBrowser(browserMatch.version,"10.0")){ if(userla=="zh-cn"){ alert("您的浏览器太新了,请下载9.0或以前的版本。"); }else{ alert("Your browser is too new,Some features will not work properly.Please download 9.0 or earlier."); } location="Login.htm"; } break; } } } function compareBrowser(ver1,ver2) { var version1pre = parseFloat(ver1); var version2pre = parseFloat(ver2); var version1next = ver1.replace(version1pre + ".",""); var version2next = ver2.replace(version2pre + ".",""); if(version1pre > version2pre){ return true; }else if(version1pre < version2pre){ return false; }else{ if(version1next > version2next){ return true; }else{ return false; } } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal";