Published: 14/06/2018 Updated: 24/04/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

Vulnerable Product	Search on Vulmon	Subscribe to Product
samsung smartviewer -
hanwha-security hrd-1642 firmware
hanwha-security hrd-842 firmware
hanwha-security hrd-442 firmware
hanwha-security hrd-1641 firmware
hanwha-security hrd-841 firmware
hanwha-security hrd-840 firmware
hanwha-security hrd-440 firmware
hanwha-security hrd-443 firmware
hanwha-security srd-1694u firmware

Samsung Web Viewer for Samsung DVR suffers from a cross site scripting vulnerability ...

I VULNERABILITY ------------------------- Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) II CVE REFERENCE ------------------------- CVE-2018-11689 III REFERENCES ------------------------- vulmoncom/vulnerabilitydetails?qid=CVE-2018-11689 IV CREDIT ------------------------- Yavuz Atlas - Biznet Bilisim http:/ ...

CWE-79 https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11689 http://www.securityfocus.com/archive/1/542083/100/0/threaded https://seclists.org/bugtraq/2018/Jun/40 https://drive.google.com/file/d/1aWbvdrx1KRkUv4ikkm530a2N5qrxCLmr/view?usp=sharing https://nvd.nist.gov http://seclists.org/fulldisclosure/2018/Jun/40

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-11689

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect