Remote Code Execution Vulnerability Affecting Hanwha Vision NVRs
CVE-2024-41883

Currently unrated

Key Information:

Vendor: Hanwha Vision Co., Ltd.
Status: Xrn-420s
Vendor: CVE Published:; 24 December 2024

🔔 Create Hanwha Vision Co., Ltd. Vulnerability Alert

What is CVE-2024-41883?

A potential security flaw has been identified in Hanwha Vision's Network Video Recorders (NVR), where an attacker can exploit a specific URL parameter to trigger a NULL pointer reference. This exploit could lead to unintended behavior, including a system reboot of the NVR device. Users are strongly encouraged to apply the latest firmware patch provided by the manufacturer to mitigate this vulnerability. For further information and detailed workarounds, please refer to the manufacturer's security advisory.

Affected Version(s)

XRN-420S 5.01.62 and prior versions

References

https://www.hanwhavision.com/wp-content/uploads/2024/12/N...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2024
Vulnerability Reserved
Jul 23, 2024

JSON