lighttpd 1.4.35
tcp/443 tcp/80
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b9ef7d2d583a0925683a0925683a0925683a09256
Found HiSiliconDVR firmware: Hardware: General TVI9708H_H Vulnerable to multiple issues : LFI, possibly RCE
Open service 188.59.104.21:443
2024-09-11 18:26
HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes ETag: "3691712708" Last-Modified: Fri, 29 Dec 2023 11:45:31 GMT Content-Length: 73 Connection: close Date: Thu, 04 Jan 2024 16:46:44 GMT Server: lighttpd/1.4.35 <html> <script> location.href = "/gui/login.cgi"; </script> </html>
Open service 188.59.104.21:80
2024-09-09 22:50
HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes ETag: "3691712708" Last-Modified: Fri, 29 Dec 2023 11:45:31 GMT Content-Length: 73 Connection: close Date: Tue, 02 Jan 2024 21:10:53 GMT Server: lighttpd/1.4.35 <html> <script> location.href = "/gui/login.cgi"; </script> </html>