This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b165cd1a054247ea554247ea554247ea554247ea5
Found HiSiliconDVR firmware: Hardware: General AHB8008R-MH Vulnerable to multiple issues : LFI, possibly RCE
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-19 23:05
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Wed, 19 Jun 2024 23:05:51 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-17 22:58
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Mon, 17 Jun 2024 22:58:56 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-15 23:46
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Sat, 15 Jun 2024 23:46:02 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-11 22:51
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Tue, 11 Jun 2024 22:51:30 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-09 22:39
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Sun, 09 Jun 2024 22:39:48 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-07 22:43
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Fri, 07 Jun 2024 22:43:42 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-05 22:30
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Wed, 05 Jun 2024 22:30:13 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>
Open service 195.201.63.43:80 · koroleva8.keenetic.name
2024-06-03 23:01
HTTP/1.1 403 Forbidden Server: NDM NDNS Date: Mon, 03 Jun 2024 23:01:35 GMT Content-Type: text/html Content-Length: 975 Cache-Control: no-store, no-cache, max-age=0, private X-Detail: Direct Only (0x20) Set-Cookie: X-Detail=403 32; max-age=300 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <base href="https://static.keenetic.net/kdns201/"/> <link rel="shortcut icon" href="favicon.ico" /> <link rel="stylesheet" href="style.css" /> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=cyrillic" /> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" /> <meta http-equiv="Content-Security-Policy" content=" default-src 'self' https://static.keenetic.net/kdns201/ ; style-src 'self' 'unsafe-inline' https: ; font-src 'self' https: ; img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ; script-src 'self' https://static.keenetic.net/kdns201/ ; " /> <script defer src="script.js"></script> <title>Error</title> </head> <body> <noscript>403</noscript> <main class="template" /> </body> </html>