Exploit/Advisories no image

Published on September 5th, 2023 📆 | 6193 Views ⚑


Hikvision Access Control Session Hijacking


Remote attackers can steal valid authentication session identifiers of Hikvision Access Control/Intercom Products. This is possible because a remote attacker can create a session identifier without restrictions. If an attacker requests a session ID at the same time as a valid user, the attacker receives the identical session ID. This session ID is immediately recognized as valid after successful authentication of the correct user.

Source link

Tagged with:

Leave a Reply

Your email address will not be published.