Finding Hikvision IP cameras and recorders on your network
Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in many Hikvision networked video devices. With a “critical” CVSS score of 9.8, this vulnerability affects a long list of Hikvision products (captured in this security advisory) and may have been around for at least the past five years. An attacker only needs access to an open http(s) server port (e.g. 80, 443) on a vulnerable device in order to obtain a root-level shell, giving them total control of the device and providing a foothold for further access into internal networks.
Hikvision has published a security advisory for affected devices, which encourages device owners to update to the latest patched firmware. In addition to the Hikvision brand, this vulnerability is presumed to affect devices OEM’d by Hikvision through other vendors and sold under different brand names.
protocols:http AND (vendor:hikvision OR hw:hikvision)
October 11, 2022
Finding FortiOS, FortiProxy, and FortiSwitchManager assets on your network
A critical authentication bypass vulnerability was found in the web administration interface of some Fortinet products. Tracked as CVE-2022-40684, successful exploitation of this vulnerability via crafted HTTP and HTTPS requests can provide remote attackers with admin-level …
September 30, 2022
Finding Microsoft Exchange Servers on your network
GTSC, a Vietnamese security firm, recently discovered two zero-day vulnerabilities that affect Microsoft Exchange Server 2013, 2016, and 2019. These two vulnerabilities are being tracked as CVE-2022-41040 and CVE-2022-41082.
August 4, 2022
Finding DrayTek Vigor routers
The Trellix Threat Labs Vulnerability Research team recently published vulnerability details affecting almost 30 models of DrayTek Vigor routers. This vulnerability resides in the management interface login page and is trivial to exploit via buffer overflow. An …Read More