From 30080e64096b028f40227fadbabc722aad4e013b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B9=8B=E4=B9=8E=E8=80=85=E4=B9=9F?= Date: Thu, 13 Apr 2023 15:42:22 +0800 Subject: [PATCH] Create Hikvision_iSecure_Center_springboot_Information_disclosure_vulnerability.md --- ...pringboot_Information_disclosure_vulnerability.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 Hikvision_iSecure_Center_springboot_Information_disclosure_vulnerability.md diff --git a/Hikvision_iSecure_Center_springboot_Information_disclosure_vulnerability.md b/Hikvision_iSecure_Center_springboot_Information_disclosure_vulnerability.md new file mode 100644 index 0000000..4812935 --- /dev/null +++ b/Hikvision_iSecure_Center_springboot_Information_disclosure_vulnerability.md 
@@ -0,0 +1,12 @@ +## Hikvision iSecure Center springboot Information disclosure vulnerability + +| **Vulnerability** | **Hikvision iSecure Center springboot Information disclosure vulnerability** | +| :----: | :-----| +| **Chinese name** | 海康综合安防管理平台系统 springboot 信息泄露漏洞 | +| **CVSS core** | 7.5 | +| **FOFA Query** (click to view the results directly)| [title=\"综合安防管理平台\" && body=\"nginxService/v1/download/InstallRootCert.exe\"](https://en.fofa.info/result?qbase64=dGl0bGU9Iue7vOWQiOWuiemYsueuoeeQhuW5s%2BWPsCIgJiYgYm9keT0ibmdpbnhTZXJ2aWNlL3YxL2Rvd25sb2FkL0luc3RhbGxSb290Q2VydC5leGUi) | +| **Number of assets affected** | 3095 | +| **Description** | Hikvision iSecure Center is an integrated management platform, which can centrally manage the access video monitoring points to achieve unified deployment, configuration, management and scheduling. the framework it uses has a spring boot information disclosure vulnerability. An attacker can access the exposed route to obtain information such as environment variables, intranet addresses, and user names in the configuration. | +| **Impact** | Hikvision iSecure Center is a spring boot information disclosure vulnerability. An attacker can access and download the heapdump heap to obtain sensitive information such as the intranet account password. | + +![](https://s3.bmp.ovh/imgs/2023/04/13/47c0acd2094e7191.gif)
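Review bot: The table in the new file gives no affected-version or remediation row, so a reader who finds an instance via the FOFA query has nothing to act on. Please add rows stating which iSecure Center versions are affected and how to close the exposure (for example, restricting access to the exposed Spring Boot route and the heapdump download the Impact row mentions, and rotating any credentials that could be recovered from it). Wording points in the same table: "**CVSS core**" should read "**CVSS score**", ideally with the vector string next to the 7.5. The Description row starts a sentence in lowercase ("the framework it uses ..."). The Impact row says the product "is a spring boot information disclosure vulnerability", which should be rephrased to say it is affected by one. The closing image has empty alt text and points at a third-party image host, so a short caption describing what the GIF shows would keep the entry useful if the link goes stale.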