01304 827609 info@use-ip.co.uk Find us

Hikvision Buffer Overflow Vulnerability

Phil

Phil

Administrator
Staff member
Messages
5,156
Points
113
Hikvision have declared a possible vulnerability and released a fix for it.

As is normal, the best advice is to please make sure you keep your devices updated to the latest available firmware version.

More details:

A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to the insufficient input validation, a successful exploit can corrupt memory and lead to arbitrary code execution or crash the process. Read more...
 
Thanks Phil. One of my cameras was on the affected list, but the Hikvision U.S. website still showed the impacted/affected firmware as the 'newest' out there. I finally found the newest version by doing a google search of the exact IP camera model and accidentally came across it on the Europe Hikvision website when someone linked it on another website because they couldn't reset their password. By viewing the firmware folder of the different versions on the Europe Hikvision website, I found the newest version and flashed the firmware. All good to go now :)
 
Last edited:
You must log in or register to reply here.

Similar threads

Phil
  • Locked
  • Sticky
Firmware New V5.2.006 Firmware for M and NXI series NVRs to fix a newly declared vulnerability [CVE-2024-29949] - 2nd April 2024
Replies
11
Views
3K
Chriss5471
C
Phil
  • Sticky
Please Read: Web Browser Plug-in Vulnerabilities Patch (CVE-2023-28812, CVE-2023-28813)
Replies
2
Views
4K
David
D
Phil
  • Sticky
Firmware Global Security Notification to disclose a vulnerability (CVE-2023-28811) in Hikvision NVRs/DVRs
Replies
2
Views
4K
Phil
Phil
Phil
  • Sticky
Please Read: Hik-Connect Module Vulnerability Patch (CVE-2023-48121)
Replies
19
Views
6K
Phil
Phil
JB1970
Monday 26-06-23 - Tonights BBC Panorama Program
Replies
3
Views
3K
Phil
Phil
Back
Top