CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2023-28809 – Hikvision Access Control Session Hijacking
https://notcve.org/view.php?id=CVE-2023-28809
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user. Remote attackers can steal valid authentication session identifiers of Hikvision Access Control/Intercom Products. This is possible because a remote attacker can create a session identifier without restrictions. If an attacker requests a session ID at the same time as a valid user, the attacker receives the identical session ID. • http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom • CWE-284: Improper Access Control CWE-384: Session Fixation •
CVSS: 4.3EPSS: 0%CPEs: 74EXPL: 1CVE-2023-28810
https://notcve.org/view.php?id=CVE-2023-28810
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network. Algunos productos de control de acceso/intercomunicación tienen vulnerabilidades de modificación no autorizada de la configuración de red del dispositivo. Los atacantes pueden modificar la configuración de red del dispositivo enviando paquetes de datos específicos a la interfaz vulnerable dentro de la misma red local. • https://github.com/skylightcyber/CVE-2023-28810 https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom • CWE-284: Improper Access Control •