Filtered by vendor Hikvision Subscriptions
Filtered by product Ds-k1t320efx Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28809 1 Hikvision 52 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 49 more 2024-12-18 7.5 High
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
CVE-2023-28810 1 Hikvision 74 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 71 more 2024-12-13 4.3 Medium
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.