module
Unauthenticated information disclosure such as configuration, credentials and camera snapshots of a vulnerable Hikvision IP Camera
| Disclosed | Created |
|---|---|
| Sep 23, 2017 | Oct 20, 2022 |
Disclosed
Sep 23, 2017
Created
Oct 20, 2022
Description
Many Hikvision IP cameras have improper authorization logic that allows unauthenticated information disclosure of camera information,
such as detailed hardware and software configuration, user credentials, and camera snapshots.
The vulnerability has been present in Hikvision products since 2014.
In addition to Hikvision-branded devices, it affects many white-labeled camera products sold under a variety of brand names.
Hundreds of thousands of vulnerable devices are still exposed to the Internet at the time of publishing (shodan search: "App-webs" "200 OK").
This module allows the attacker to retrieve this information without any authentication. The information is stored in loot for future use.
such as detailed hardware and software configuration, user credentials, and camera snapshots.
The vulnerability has been present in Hikvision products since 2014.
In addition to Hikvision-branded devices, it affects many white-labeled camera products sold under a variety of brand names.
Hundreds of thousands of vulnerable devices are still exposed to the Internet at the time of publishing (shodan search: "App-webs" "200 OK").
This module allows the attacker to retrieve this information without any authentication. The information is stored in loot for future use.
Authors
Monte Crypto
h00die-gr3y [email protected]
h00die-gr3y [email protected]
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.