8.8
CVE-2023-5747
- EPSS 0.34%
- Veröffentlicht 13.11.2023 08:15:26
- Zuletzt bearbeitet 21.11.2024 08:42:24
- Quelle fc9afe74-3f80-4fb7-a313-e6f036
- CVE-Watchlists
- Unerledigt
LoginBashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has released patched firmware for the highlighted flaw. Please refer to the hanwhavision security report for more information and solution."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hanwhavision ≫ Wave Server Software Version < 5.1.1.37647
Hanwhavision ≫ Pno-a6081r-e1t Firmware Version2.21.02
Hanwhavision ≫ Wave Server Software Version < 5.1.1.37647
Hanwhavision ≫ Pno-a6081r-e2t Firmware Version2.21.02
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.562 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| fc9afe74-3f80-4fb7-a313-e6f036a89882 | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-345 Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
CWE-347 Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.