Finding Hikvision IP cameras and recorders on your network
Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in many Hikvision networked video devices. With a “critical” CVSS score of 9.8, this vulnerability affects a long list of Hikvision products (captured in this security advisory) and may have been around for at least the past five years. An attacker only needs access to an open http(s) server port (e.g. 80, 443) on a vulnerable device in order to obtain a root-level shell, giving them total control of the device and providing a foothold for further access into internal networks.
Hikvision has published a security advisory for affected devices, which encourages device owners to update to the latest patched firmware. In addition to the Hikvision brand, this vulnerability is presumed to affect devices OEM’d by Hikvision through other vendors and sold under different brand names.
Finding Hikvision IP cameras and recorders with Rumble #
protocols:http AND (vendor:hikvision OR hw:hikvision)
September 26, 2023
How to find TeamCity instances
How to find TeamCity assets? # On September 20th, JetBrains announced a critical authentication bypass vulnerability that impacts users running the TeamCity On-Premises product. The vulnerability is being tracked using CVE-2023-42793 and presents the weakness of CWE-288 …Read More
September 12, 2023
How to find OpenSSL 1.1 instances
How to find OpenSSL 1.1 instances # On September 11th, the venerable OpenSSL 1.1.1 reached its end of life date. That means that it will no longer be receiving publicly-available security fixes. Users without a third-party extended support contract will no longer receive …Read More
July 31, 2023
How to find Ivanti EPMM (MobileIron Core)
How to find Ivanti Endpoint Manager Mobile (EPMM) with runZero # On July 24th, Ivanti announced that their Endpoint Manager Mobile (EPMM, formerly MobileIron Core) product versions 11.10 and prior contain a critical authentication bypass vulnerability. Successfully …Read More