LHS
tcp/8000
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b88068696a513f797a513f797a513f797a513f797
Found HiSiliconDVR firmware: Hardware: General AHB7004T-GS-V3 Vulnerable to multiple issues : LFI, possibly RCE
Open service 115.76.91.203:8000
2024-06-02 11:01
HTTP/1.1 200 OK Content-type: text/html; charset=utf-8 Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://www.google.com; connect-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob:; img-src 'self' data: *; media-src * blob: X-XSS-Protection: 1 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Transfer-Encoding: chunked Connection: close Date: Sun, 02 Jun 2024 11:01:27 GMT Server: LHS <html><head><meta http-equiv="refresh" content="0; url=portal/?665C5107" /></head></html>
Open service 115.76.91.203:8000
2024-05-28 17:45
HTTP/1.1 200 OK Content-type: text/html; charset=utf-8 Content-Security-Policy: default-src 'self' 'unsafe-inline' data: https://www.google.com; connect-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob:; img-src 'self' data: *; media-src * blob: X-XSS-Protection: 1 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Transfer-Encoding: chunked Connection: close Date: Tue, 28 May 2024 17:45:57 GMT Server: LHS <html><head><meta http-equiv="refresh" content="0; url=portal/?66561855" /></head></html>