漏洞描述
Hikvision Hybrid SAN/Cluster Storage 存在安全漏洞,该漏洞源于 web模块输入验证不足。攻击者利用该漏洞通过发送带有恶意命令的消息来执行受限命令.
Hikvision Hybrid SAN/Cluster Storage 存在安全漏洞(CVE-2022-28171)
PoC代码
暂无相关漏洞推荐
- ibm-storage-default-password: IBM Storage Management Default Login
- hikvision-files-upload: Hikvision Files Upload
- spon-ip-intercom-ping-rce: Hikvision SPON IP网络对讲广播系统存在命令执行漏洞
- POC CVE-2010-1858: Joomla! Component SMEStorage - Local File Inclusion
- POC CVE-2017-7921: Hikvision - Authentication Bypass
- POC CVE-2020-8982: Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
- POC CVE-2021-36260: Hikvision IP camera/NVR - Remote Command Execution
- POC CVE-2021-37216: QSAN Storage Manager <3.3.3 - Cross-Site Scripting
- POC CVE-2023-24489: Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution
- POC CVE-2023-6895: Hikvision IP ping.php - Command Execution
- POC CVE-2024-3272: D-Link Network Attached Storage - Backdoor Account
- POC CVE-2024-3273: D-Link Network Attached Storage - Command Injection and Backdoor Account
- POC CVE-2017-7921: Hikvision CVE-2017-7921