QwikSec

Security Database

CVE

CWE

Training

CVE-2023-5038

Published: Jun 25, 2024

Modified: Aug 2, 2024

PUBLISHED

Description

badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. An attacker runs a crafted URL, nobody can access the web management page of the camera. and must manually restart the device or re-power it. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

Vendor	Product	Versions
Hanwha Vision Co., Ltd.	A-Series, Q-Series, PNM-series Camera	affected `Prior to version 1.41.16, Prior to version 2.22.00`

Weaknesses (CWE)

References

https://www.hanwhavision.com/wp-content/uploads/2024/06/Camera-Vulnerability-Report-CVE-2023-5037-5038.pdf

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.