9.8
CVSSv3

CVE-2022-28173

Published: 19/12/2022 Updated: 29/12/2022
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

Vulnerability Summary

The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.

Most Upvoted Vulmon Research Post

Technical Details by Researcher is published here: https://www.redinent.com/blog/critical-vulnerability-hikvision-wireless-bridge/

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

hikvision ds-3wf0ac-2nt_firmware

hikvision ds-3wf01c-2n\\/o_firmware

Github Repositories

CVE-2022-28173 The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission The attacker can exploit the vulnerability by sending crafted messages to the affected devices authentication complexity vector not available not available not available confidentiality integrity availabili