Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-28810. PoCs published by skylightcyber.
AI-analyzed exploit summary This repository contains functional exploit code for CVE-2023-28810, targeting Hikvision intercom devices. It includes scripts for unauthenticated configuration changes, password brute-forcing, and SIP-based ghost calling.
Description
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
Exploits (1)
This repository contains functional exploit code for CVE-2023-28810, targeting Hikvision intercom devices. It includes scripts for unauthenticated configuration changes, password brute-forcing, and SIP-based ghost calling.
References (1)
Scores
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N