This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b0731aca679766ae779766ae779766ae779766ae7
Found HiSiliconDVR firmware: Hardware: General AHB7804R-MH-V2 Vulnerable to multiple issues : LFI, possibly RCE
Open service 194.44.199.161:81
2024-05-31 20:36
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: Partizan <!DOCTYPE html> <html> <head> <title>Partizan</title> <meta charset="utf-8"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="shortcut icon" href="./img/Icon-Global.png"> <link rel="stylesheet" type="text/css" href="./css/style.css"> <script type="text/javascript" src="./js/frameworks/jquery-3.2.1.min.js"></script> <script type="text/javascript" src="./js/frameworks/jsmultilang.js"></script> <script type="text/javascript" src="./js/frameworks/js.cookie.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/english.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/russian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/ukrainian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/czech.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/deutsch.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/french.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/polish.js"></script> <!-- <script type="text/javascript" src="./js/vocabulary/initVocabulary.js"></script> --> </head> <body cz-shortcut-listen="true"> <div id="main_container"> <header> <div id="top_graphic" class="noselect" style=""> <a href="http://partizan.global"> <img class="top_graphic_logo" src="./img/logo.png" alt=""/> </a> <div class="fone_pic"> </div> <div id="top_menu" class="navigation_right"> <!-- TODO: Fix after translations --> <div class="lang"> <ul> <li role="presentation" id="languages_panel" class="top-menu-element noselect"> <nav> <ul class="dropdown-with-border-radius"> <li><a id="current_language" class="current-language"></a> <ul class="language-dropdown-closed"> </ul> </li> </ul> </nav> </li> </ul> </div> <div id="btn" class=""> <div class=""> <div class="menu-wrap"> <ul> <li class="item_1"> <a href="http://partizan.global"> <span class="icon_partizan"> <!-- <svg class="partizan_global"> <use class="partizan_global" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="img/icon-global.svg#global"></use> </svg> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> </span> <span class="p_label">PARTIZAN GLOBAL</span> </a> </li> <ul> </div> </div> </div> </header> <div id="header_bottom_line_div"></div> <!-- <script type="text/javascript" src="./js/header.js"></script> --> <div id="content"> <div id="main_column"> <!-- <div class="download-button-line"> --> <div class="download-button-wrapper"> <!-- <a> --> <!-- <nav > --> <a href="http://apps.partizan.global" class="download-button noselect get_soft">GET SOFTWARE</a> <img class="arrow_btn" src="img/arrow-bigbutton.png">
Open service 194.44.199.161:80
2024-05-30 19:21
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Content-Length: 13429 Connection: close <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <META http-equiv=Content-Type content="text/html; charset=utf-8" /> <META http-equiv=Pragma content=no-cache> <META http-equiv=Expires content=0> <!-- <link rel="stylesheet" href="../css/login.css" type="text/css" /> <link rel="stylesheet" href="../img/login/login.css" type="text/css" /> --> <style type="text/css"> body{ font-family:Arial, sans-serief; background-color:#FFFFFF; margin:0px; padding:0px; } div.loginBox { display: block; position:relative; margin-top:10%; text-align:center; } .noteDiv{ color:gray; font-family:Arial; width:395px; text-align:left; margin:0px auto; font-size:14px; } #note{ display:inline-block; vertical-align:top; _display:inline; _zoom:1; width:110px; font-weight:bold; } #tip{ display:inline-block; vertical-align:top; _display:inline; _zoom:1; width:390px; font-weight:bold; } div.panelThre{ margin-top:10px; } div.picDiv{ width:395px; height:276px; /*background:url(../login/loginbg.png);*/ position:relative; } input.pcPassword{ width:300px; height:50px; line-height:50px; padding-left:20px; } div.PCBtnDiv{ position:relative; margin-top:20px; } img.logoPic{ width:100%; } #copyright{ -webkit-text-size-adjust:none; font-size:8px; color:#6a6969; font-family:"Verdana"; font-weight:normal; margin-top:40px; display:inline-block; } .topLogo{ background-color: #4ACBD6; height:96px; overflow: hidden; } tr{ vertical-align: top; } .topLogo td a img{ margin:27px 0 0 25px; } .topLogo td.last-td img{ float: right; margin-right: 14px; opacity: 0.3; filter:alpha(opacity=30); } ul{ padding:60px 0px 0px 0px; margin:0px; list-style:none; } ul li{ height:32px; width:250px; text-align: left; } li.unLi{ /*background:url(../login/loginUser.png);*/ background:url(../img/login/input-box.png); } li.pwLi{ /*background:url(../login/loginPwd.png);*/ background:url(../img/login/input-box.png); } li.blank{ height:8px; } input.text{ border:0px; height:32px; line-height:32px; width:175px; padding:0px; /*margin-left: 39px;*/ font-size:14px; color:#A7A9AC; font-family:"Arial","Verdana"; font-weight:normal; background-color: transparent; vertical-align: top; } input.text:focus{ outline: none; } label.loginBtn{ height:32px; display:inline-block; width:250px; margin-top:8px; line-height: 32px; color: #FFFFFF; font-size:18px; font-family: Arial; background:url(../img/login/loginButton.png); cursor:pointer; } li img{ line-height: 40px; margin: 9px 6px 9px 9px; } iframe#top{ width:100%; height:96px; border: none; display: block; } html{ overflow: hidden; } table,tr,td{ padding: 0; } td { font-family:"Times New Roman", "ËÎÌå"; font-size: 12px; } form { font-family:"Times New Roman", "ËÎÌå"; font-size: 12px; } /* body { font-family:"Arial Black", "ºÚÌå"; font-size: 16px; background: #4ACBD6 } */ .style1 { font-family:Arial; color: #FFFFFF; font-size: 18px; padding-right: 50; text-align: left; font-weight: bold; white-space: nowrap; } .style2 { font-size: 14px; font-family:Arial; font-weight: bold; padding-right: 50; text-align: left; white-space: nowrap; color: #FFFFFF; } tr{ vertical-align: top; } #first-td{ width:234px; } #first-td img { margin:27px 0 0 25px; cursor: pointer; } #second-td { padding-top: 25px; } #third-td img { float:right; opacity: 0.3; filter\0: alpha(opacity=30); margin-right: 14px; } input[type="text"]::-ms-clear,
Open service 194.44.199.161:81
2024-05-29 20:18
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: Partizan <!DOCTYPE html> <html> <head> <title>Partizan</title> <meta charset="utf-8"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="shortcut icon" href="./img/Icon-Global.png"> <link rel="stylesheet" type="text/css" href="./css/style.css"> <script type="text/javascript" src="./js/frameworks/jquery-3.2.1.min.js"></script> <script type="text/javascript" src="./js/frameworks/jsmultilang.js"></script> <script type="text/javascript" src="./js/frameworks/js.cookie.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/english.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/russian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/ukrainian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/czech.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/deutsch.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/french.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/polish.js"></script> <!-- <script type="text/javascript" src="./js/vocabulary/initVocabulary.js"></script> --> </head> <body cz-shortcut-listen="true"> <div id="main_container"> <header> <div id="top_graphic" class="noselect" style=""> <a href="http://partizan.global"> <img class="top_graphic_logo" src="./img/logo.png" alt=""/> </a> <div class="fone_pic"> </div> <div id="top_menu" class="navigation_right"> <!-- TODO: Fix after translations --> <div class="lang"> <ul> <li role="presentation" id="languages_panel" class="top-menu-element noselect"> <nav> <ul class="dropdown-with-border-radius"> <li><a id="current_language" class="current-language"></a> <ul class="language-dropdown-closed"> </ul> </li> </ul> </nav> </li> </ul> </div> <div id="btn" class=""> <div class=""> <div class="menu-wrap"> <ul> <li class="item_1"> <a href="http://partizan.global"> <span class="icon_partizan"> <!-- <svg class="partizan_global"> <use class="partizan_global" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="img/icon-global.svg#global"></use> </svg> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> </span> <span class="p_label">PARTIZAN GLOBAL</span> </a> </li> <ul> </div> </div> </div> </header> <div id="header_bottom_line_div"></div> <!-- <script type="text/javascript" src="./js/header.js"></script> --> <div id="content"> <div id="main_column"> <!-- <div class="download-button-line"> --> <div class="download-button-wrapper"> <!-- <a> --> <!-- <nav > --> <a href="http://apps.partizan.global" class="download-button noselect get_soft">GET SOFTWARE</a> <img class="arrow_btn" src="img/arrow-bigbutton.png">
Open service 194.44.199.161:81
2024-05-28 23:30
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: Partizan <!DOCTYPE html> <html> <head> <title>Partizan</title> <meta charset="utf-8"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="shortcut icon" href="./img/Icon-Global.png"> <link rel="stylesheet" type="text/css" href="./css/style.css"> <script type="text/javascript" src="./js/frameworks/jquery-3.2.1.min.js"></script> <script type="text/javascript" src="./js/frameworks/jsmultilang.js"></script> <script type="text/javascript" src="./js/frameworks/js.cookie.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/english.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/russian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/ukrainian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/czech.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/deutsch.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/french.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/polish.js"></script> <!-- <script type="text/javascript" src="./js/vocabulary/initVocabulary.js"></script> --> </head> <body cz-shortcut-listen="true"> <div id="main_container"> <header> <div id="top_graphic" class="noselect" style=""> <a href="http://partizan.global"> <img class="top_graphic_logo" src="./img/logo.png" alt=""/> </a> <div class="fone_pic"> </div> <div id="top_menu" class="navigation_right"> <!-- TODO: Fix after translations --> <div class="lang"> <ul> <li role="presentation" id="languages_panel" class="top-menu-element noselect"> <nav> <ul class="dropdown-with-border-radius"> <li><a id="current_language" class="current-language"></a> <ul class="language-dropdown-closed"> </ul> </li> </ul> </nav> </li> </ul> </div> <div id="btn" class=""> <div class=""> <div class="menu-wrap"> <ul> <li class="item_1"> <a href="http://partizan.global"> <span class="icon_partizan"> <!-- <svg class="partizan_global"> <use class="partizan_global" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="img/icon-global.svg#global"></use> </svg> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> </span> <span class="p_label">PARTIZAN GLOBAL</span> </a> </li> <ul> </div> </div> </div> </header> <div id="header_bottom_line_div"></div> <!-- <script type="text/javascript" src="./js/header.js"></script> --> <div id="content"> <div id="main_column"> <!-- <div class="download-button-line"> --> <div class="download-button-wrapper"> <!-- <a> --> <!-- <nav > --> <a href="http://apps.partizan.global" class="download-button noselect get_soft">GET SOFTWARE</a> <img class="arrow_btn" src="img/arrow-bigbutton.png">
Open service 194.44.199.161:81
2024-05-28 21:51
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: Partizan <!DOCTYPE html> <html> <head> <title>Partizan</title> <meta charset="utf-8"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="shortcut icon" href="./img/Icon-Global.png"> <link rel="stylesheet" type="text/css" href="./css/style.css"> <script type="text/javascript" src="./js/frameworks/jquery-3.2.1.min.js"></script> <script type="text/javascript" src="./js/frameworks/jsmultilang.js"></script> <script type="text/javascript" src="./js/frameworks/js.cookie.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/english.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/russian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/ukrainian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/czech.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/deutsch.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/french.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/polish.js"></script> <!-- <script type="text/javascript" src="./js/vocabulary/initVocabulary.js"></script> --> </head> <body cz-shortcut-listen="true"> <div id="main_container"> <header> <div id="top_graphic" class="noselect" style=""> <a href="http://partizan.global"> <img class="top_graphic_logo" src="./img/logo.png" alt=""/> </a> <div class="fone_pic"> </div> <div id="top_menu" class="navigation_right"> <!-- TODO: Fix after translations --> <div class="lang"> <ul> <li role="presentation" id="languages_panel" class="top-menu-element noselect"> <nav> <ul class="dropdown-with-border-radius"> <li><a id="current_language" class="current-language"></a> <ul class="language-dropdown-closed"> </ul> </li> </ul> </nav> </li> </ul> </div> <div id="btn" class=""> <div class=""> <div class="menu-wrap"> <ul> <li class="item_1"> <a href="http://partizan.global"> <span class="icon_partizan"> <!-- <svg class="partizan_global"> <use class="partizan_global" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="img/icon-global.svg#global"></use> </svg> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> </span> <span class="p_label">PARTIZAN GLOBAL</span> </a> </li> <ul> </div> </div> </div> </header> <div id="header_bottom_line_div"></div> <!-- <script type="text/javascript" src="./js/header.js"></script> --> <div id="content"> <div id="main_column"> <!-- <div class="download-button-line"> --> <div class="download-button-wrapper"> <!-- <a> --> <!-- <nav > --> <a href="http://apps.partizan.global" class="download-button noselect get_soft">GET SOFTWARE</a> <img class="arrow_btn" src="img/arrow-bigbutton.png">
Open service 194.44.199.161:81
2024-05-27 22:01
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: Partizan <!DOCTYPE html> <html> <head> <title>Partizan</title> <meta charset="utf-8"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="shortcut icon" href="./img/Icon-Global.png"> <link rel="stylesheet" type="text/css" href="./css/style.css"> <script type="text/javascript" src="./js/frameworks/jquery-3.2.1.min.js"></script> <script type="text/javascript" src="./js/frameworks/jsmultilang.js"></script> <script type="text/javascript" src="./js/frameworks/js.cookie.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/english.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/russian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/ukrainian.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/czech.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/deutsch.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/french.js"></script> <script type="text/javascript" src="./js/vocabulary/vocabulary/polish.js"></script> <!-- <script type="text/javascript" src="./js/vocabulary/initVocabulary.js"></script> --> </head> <body cz-shortcut-listen="true"> <div id="main_container"> <header> <div id="top_graphic" class="noselect" style=""> <a href="http://partizan.global"> <img class="top_graphic_logo" src="./img/logo.png" alt=""/> </a> <div class="fone_pic"> </div> <div id="top_menu" class="navigation_right"> <!-- TODO: Fix after translations --> <div class="lang"> <ul> <li role="presentation" id="languages_panel" class="top-menu-element noselect"> <nav> <ul class="dropdown-with-border-radius"> <li><a id="current_language" class="current-language"></a> <ul class="language-dropdown-closed"> </ul> </li> </ul> </nav> </li> </ul> </div> <div id="btn" class=""> <div class=""> <div class="menu-wrap"> <ul> <li class="item_1"> <a href="http://partizan.global"> <span class="icon_partizan"> <!-- <svg class="partizan_global"> <use class="partizan_global" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="img/icon-global.svg#global"></use> </svg> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> <!-- <img class="partizan_global" src="./img/icon-global.png" alt=""/> --> </span> <span class="p_label">PARTIZAN GLOBAL</span> </a> </li> <ul> </div> </div> </div> </header> <div id="header_bottom_line_div"></div> <!-- <script type="text/javascript" src="./js/header.js"></script> --> <div id="content"> <div id="main_column"> <!-- <div class="download-button-line"> --> <div class="download-button-wrapper"> <!-- <a> --> <!-- <nav > --> <a href="http://apps.partizan.global" class="download-button noselect get_soft">GET SOFTWARE</a> <img class="arrow_btn" src="img/arrow-bigbutton.png">