CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7057

Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogin/capabilities login attempts depending on whether the user account exists, which might make it easier to enumerate users. However, only about 4 or 5 failed logins are allowed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.0%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://sku11army.blogspot.com/2020/01/hikvision-dvr-ds-7204hghi-user.html
https://sku11army.blogspot.com/2020/01/hikvision-dvr-ds-7204hghi-user.html

Products affected by CVE-2020-7057

Hikvision » Ds-7204hghi-F1 » Version: N/A

cpe:2.3:h:hikvision:ds-7204hghi-f1:-
Hikvision » Ds-7204hghi-F1 Firmware » Version: 4.0.1

cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:4.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7057

Products

Pricing

Contact Us