ID
VAR-201610-0731
TITLE
Hikvision Elisa Live IP camera has an XXE external entity injection vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2016-09329
DESCRIPTION
Hangzhou Hikvision Digital Technology Co., Ltd. ElisaLiveIPcamera is a network camera. Hikvision ElisaLiveIPcamera has an XXE external entity injection vulnerability. An attacker can exploit the vulnerability to obtain arbitrary files on the website, and severely obtain server control rights.
Trust: 0.6
sources:
CNVD: CNVD-2016-09329
IOT TAXONOMY
| category: | ['IoT', 'Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2016-09329
AFFECTED PRODUCTS
| vendor: | hikvision digital | model: | elisa live ip camera | scope: | - | version: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2016-09329
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2016-09329
PATCH
| title: | Hikvision remote system has a patch for XXE external entity injection vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/82488 | Trust: 0.6 |
sources:
CNVD: CNVD-2016-09329
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2016-09329 | Trust: 0.6 |
sources:
CNVD: CNVD-2016-09329
REFERENCES
| url: | https://medium.com/@iraklis/an | Trust: 0.6 |
sources:
CNVD: CNVD-2016-09329
SOURCES
| db: | CNVD | id: | CNVD-2016-09329 |
LAST UPDATE DATE
2022-05-04T09:34:28.894000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-09329 | date: | 2016-10-18T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2016-09329 | date: | 2016-10-18T00:00:00 |