Remote Command Execution Vulnerability in Hikvision Hybrid SAN Products
CVE-2022-28171

7.5HIGH

Key Information:

Vendor: Hikvision
Status: Ds-a71024/48/72r,ds-a80624s,ds-a81016s,ds-a72024/72r,ds-a80316s,ds-a82024d; Ds-a71024/48r-cvs,ds-a72024/48r-cvs
Vendor: CVE Published:; 27 June 2022

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 85%

What is CVE-2022-28171?

The web module of certain Hikvision Hybrid SAN/Cluster Storage products is vulnerable due to improper input validation mechanisms. This security flaw allows an attacker to exploit the vulnerability by sending specially crafted messages that include malicious commands. If successfully executed, these commands can potentially allow unauthorized access to system functionalities, leading to serious security implications for users of the affected products.

Affected Version(s)

DS-A71024/48/72R,DS-A80624S,DS-A81016S,DS-A72024/72R,DS-A80316S,DS-A82024D V2.X

DS-A71024/48R-CVS,DS-A72024/48R-CVS V1.X

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2022-28171-POC
Created by NyaMeeEain

References

https://www.hikvision.com/en/support/cybersecurity/securi...

http://packetstormsecurity.com/files/170818/Hikvision-Rem...

http://packetstormsecurity.com/files/173653/Hikvision-Hyb...

EPSS Score

85% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jul 16, 2023
👾
Exploit known to exist
Jul 16, 2023
Vulnerability published
Jun 27, 2022
Vulnerability Reserved
Mar 29, 2022

Credit

Thurein Soe