Filtered by vendor Hikvision
Subscriptions
Filtered by product Ds-k1t320efx
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-28809 | 1 Hikvision | 52 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 49 more | 2024-12-18 | 7.5 High |
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user. | ||||
CVE-2023-28810 | 1 Hikvision | 74 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 71 more | 2024-12-13 | 4.3 Medium |
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network. |
Page 1 of 1.