This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b6824439748f71efc48f71efc48f71efc48f71efc
Found HiSiliconDVR firmware: Hardware: NOCRYPO AHD9208PE_H Vulnerable to multiple issues : LFI, possibly RCE
Open service 88.205.135.165:8080
2024-05-31 20:58
HTTP/1.1 403 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Type: application/json Transfer-Encoding: chunked Date: Fri, 31 May 2024 20:58:59 GMT Connection: close {"timestamp":"2024-05-31T20:58:59.497+00:00","status":403,"error":"Forbidden","message":"","path":"/"}
Open service 88.205.135.165:8080
2024-05-23 08:34
HTTP/1.1 403 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Type: application/json Transfer-Encoding: chunked Date: Thu, 23 May 2024 08:34:25 GMT Connection: close {"timestamp":"2024-05-23T08:34:26.351+00:00","status":403,"error":"Forbidden","message":"","path":"/"}