Last active
February 1, 2021 13:43
-
-
Save vulnfan1337/e95c2dba75ad93a1a325c6ace950eba9 to your computer and use it in GitHub Desktop.
Vulnerability found in hisilicon HI3516
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############### DESCRIPTION ################### | |
A buffer overflow vulnerability in the streaming server provided by | |
hisilicon in HI3516 models allows an unauthenticated attacker to | |
remotely run arbitrary root code by sending a special RTSP over HTTP | |
packet during the authentication stage in the protocol. | |
############# AFFECTED PRODUCTS ############### | |
The vulnerability was found in many cameras using hisilicon's | |
hardware and software, as demonstrated by: | |
TENVIS cameras 1.3.3.3, 1.2.7.2, 1.2.1.4, 7.1.20.1.2, and 13.1.1.1.7.2; | |
FDT FD7902 11.3.14.1.3 and 10.3.14.1.3; | |
FOSCAM cameras 3.2.1.1.1_0815 and 3.2.2.2.1_0815; | |
Dericam cameras V11.3.8.1.12. | |
The vulnerability was found in many cameras using hisilicon's | |
hardware and software and in high probability is also found in cameras | |
that are not listed in the above list (but still use hisilicon's products). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, I need to insert my logo on a camera based on HI3516CV300 IMX307 keeping the original firmware. Firmware 3516CV300_IMX307_B1T0A1M0C1P1_W_20.1.3.2
You do?
What the value ?
Thank you