ID CVE-2018-6295
Summary Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
References
Vulnerable Configurations
  • cpe:2.3:o:hanwha-security:snh-v6410pn_firmware
    cpe:2.3:o:hanwha-security:snh-v6410pn_firmware
  • cpe:2.3:h:hanwha-security:snh-v6410pn
    cpe:2.3:h:hanwha-security:snh-v6410pn
  • cpe:2.3:o:hanwha-security:snh-v6410pnw_firmware
    cpe:2.3:o:hanwha-security:snh-v6410pnw_firmware
  • cpe:2.3:h:hanwha-security:snh-v6410pnw
    cpe:2.3:h:hanwha-security:snh-v6410pnw
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
refmap via4
misc https://securelist.com/somebodys-watching-when-cameras-are-more-than-just-smart/84309/
Last major update 13-03-2018 - 13:29
Published 13-03-2018 - 13:29
Last modified 09-04-2018 - 09:27
Back to Top