xxxxxxxx-xxxxx
tcp/10443
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b88068696a513f797a513f797a513f797a513f797
Found HiSiliconDVR firmware: Hardware: General AHB7004T-GS-V3 Vulnerable to multiple issues : LFI, possibly RCE
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b88068696a513f797a513f797a513f797a513f797
Found HiSiliconDVR firmware: Hardware: General AHB7004T-GS-V3 Vulnerable to multiple issues : LFI, possibly RCE
Open service 125.26.97.17:10443
2024-04-25 22:02
HTTP/1.1 200 OK Date: Thu, 25 Apr 2024 22:02:49 GMT Server: xxxxxxxx-xxxxx Last-Modified: Thu, 29 Jul 2021 23:34:56 GMT ETag: "83-61033b20" Accept-Ranges: bytes Content-Length: 131 Connection: close Content-Type: text/html X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000
Open service 125.26.97.17:443
2024-04-25 14:29
HTTP/1.1 302 Found Date: Thu, 25 Apr 2024 14:30:00 GMT X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15552000 Location: https://125.26.97.17/ng Content-Length: 207 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://125.26.97.17/ng">here</a>.</p> </body></html>
Open service 125.26.97.17:10443
2024-04-23 19:13
HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 19:13:36 GMT Server: xxxxxxxx-xxxxx Last-Modified: Thu, 29 Jul 2021 23:34:56 GMT ETag: "83-61033b20" Accept-Ranges: bytes Content-Length: 131 Connection: close Content-Type: text/html X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000
Open service 125.26.97.17:443
2024-04-23 19:10
HTTP/1.1 302 Found Date: Tue, 23 Apr 2024 19:10:14 GMT X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15552000 Location: https://125.26.97.17/ng Content-Length: 207 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://125.26.97.17/ng">here</a>.</p> </body></html>