CVE-2020-24217
Severity CVSS v4.0:
Pending analysis
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
06/10/2020
Last modified:
01/01/2022
Description
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to achieve arbitrary code execution.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:szuray:iptv\/h.264_video_encoder_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uaioe264-1u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uce264-1-mini:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uce264-1wb-mini:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uce264-4-1u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uce264-8-1u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhae264-16:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-16p32:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1p2:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1p2-1u:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1s:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1w:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-1ws:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:szuray:uhce264-4p8:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/159597/HiSilicon-Video-Encoder-Command-Injection.html
- http://packetstormsecurity.com/files/159599/HiSilicon-Video-Encoder-Malicious-Firmware-Code-Execution.html
- https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/
- https://www.kb.cert.org/vuls/id/896979