6.1
CVSSv3

CVE-2018-11689

Published: 14/06/2018 Updated: 24/04/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

samsung smartviewer -

hanwha-security hrd-1642_firmware

hanwha-security hrd-842_firmware

hanwha-security hrd-442_firmware

hanwha-security hrd-1641_firmware

hanwha-security hrd-841_firmware

hanwha-security hrd-840_firmware

hanwha-security hrd-440_firmware

hanwha-security hrd-443_firmware

hanwha-security srd-1694u_firmware

Mailing Lists

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability ...
I VULNERABILITY ------------------------- Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) II CVE REFERENCE ------------------------- CVE-2018-11689 III REFERENCES ------------------------- vulmoncom/vulnerabilitydetails?qid=CVE-2018-11689 IV CREDIT ------------------------- Yavuz Atlas - Biznet Bilisim http:/ ...

Github Repositories

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :