xhmmhttpsv130-20200310
tcp/80
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99bbf7d3a79113113ba113113ba113113ba113113ba
Found HiSiliconDVR firmware: Hardware: General AHB8004R-GS Vulnerable to multiple issues : LFI, possibly RCE
Open service 122.117.104.80:80
2024-04-23 03:38
HTTP/1.1 401 Unauthorized Server: xhmmhttpsv130-20200310 Date: Tue, 23 Apr 2024 11:38:58 GMT Cache-Control: no-cache,no-store WWW-Authenticate: Basic realm="." Content-Type: text/html; charset=%s Connection: close Page title: 401 Unauthorized <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-type" content="text/html;charset=UTF-8"> <title>401 Unauthorized</title> </head> <body bgcolor="#cc9999" text="#000000" link="#2020ff" vlink="#4040cc"> <h4>401 Unauthorized</h4> Authorization required. <hr> <address><a href="http://www.acme.com/software/mini_httpd/">xhmmhttpsv130-20200310</a></address> </body> </html>