CVE-2023-31996

HIGH

Hanwha IP Camera ANE-L7012R <1.41.01 - Command Injection

Title source: llm

Description

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function.

References (2)

Core 2

Core References

Vendor Advisory

https://hanwhavisionamerica.com/download/50042/

Vendor Advisory

https://www.hanwhavision.com/wp-content/uploads/2023/04/Camera-Vulnerability-Report.pdf

Scores

CVSS v3 8.8

EPSS 0.0149

EPSS Percentile 70.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-77

Status published

Products (50)

hanwhavision/ane-l6012r_firmware < 1.41.03

hanwhavision/ane-l7012r_firmware < 1.41.03

hanwhavision/ano-l6012r_firmware < 1.41.03

hanwhavision/ano-l6022r_firmware < 1.41.03

hanwhavision/ano-l6082r_firmware < 1.41.03

hanwhavision/ano-l7012r_firmware < 1.41.03

hanwhavision/ano-l7022r_firmware < 1.41.03

hanwhavision/ano-l7082r_firmware < 1.41.03

hanwhavision/anv-l6012r_firmware < 1.41.03

hanwhavision/anv-l6023r_firmware < 1.41.03

... and 40 more

Published May 23, 2023

Tracked Since Feb 18, 2026