VYPR
Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Feb 7, 2025

CVE-2023-28808

CVE-2023-28808

Description

Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.

Affected products

3
  • hikvision/DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024Dv5
    Range: V2.X
  • hikvision/DS-A71024/48R-CVS,DS-A72024/48R-CVSv5
    Range: V1.X

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.