Published: 14/06/2018 Updated: 24/04/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

Vulnerable Product	Search on Vulmon	Subscribe to Product
samsung smartviewer -
hanwha-security hrd-1642_firmware
hanwha-security hrd-842_firmware
hanwha-security hrd-442_firmware
hanwha-security hrd-1641_firmware
hanwha-security hrd-841_firmware
hanwha-security hrd-840_firmware
hanwha-security hrd-440_firmware
hanwha-security hrd-443_firmware
hanwha-security srd-1694u_firmware

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability ...

CWE-79 https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11689 http://www.securityfocus.com/archive/1/542083/100/0/threaded https://seclists.org/bugtraq/2018/Jun/40 https://drive.google.com/file/d/1aWbvdrx1KRkUv4ikkm530a2N5qrxCLmr/view?usp=sharing https://nvd.nist.gov https://packetstormsecurity.com/files/148183/Samsung-Web-Viewer-For-Samsung-DVR-Cross-Site-Scripting.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-11689

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect