Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has released patched firmware for the highlighted flaw. Please refer to the hanwhavision security report for more information and solution."

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function.

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Cross Site Scripting (XSS).

Certain Hanwha products are vulnerable to Denial of Service (DoS). ck vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service (DoS) via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R 1.41.01 and IP Camera XNV-9082R 2.10.02.

Hanwha Techwin SRN-4000, SRN-4000 firmware versions prior to SRN4000_v2.16_170401, A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication.

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)

Denial of service by uploading malformed firmware in Hanwha Techwin Smartcams

Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams

Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams

Remote password change in Hanwha Techwin Smartcams

Authentication bypass in Hanwha Techwin Smartcams

Remote code execution in Hanwha Techwin Smartcams

Buffer overflow in Hanwha Techwin Smartcams

An undocumented (hidden) capability for switching the web interface in Hanwha Techwin Smartcams

Unencrypted way of remote control and communications in Hanwha Techwin Smartcams

Unsecured way of firmware update in Hanwha Techwin Smartcams

An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.

An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.