Hikvision: >> Ds-K1t671 Security Vulnerabilities
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-01-13
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
CVSS Score
4.3
EPSS Score
0.004
Published
2023-06-15
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-15