Skip to main content

Ane L6012R Firmware CVE-2023-31996

HIGH
Command Injection (CWE-77)
2023-05-23 cve@mitre.org
Command Injection Ane L6012R Firmware Ane L7012R Firmware Ano L6012R Firmware Ano L6022R Firmware Ano L6082R Firmware Ano L7012R Firmware Ano L7022R Firmware Ano L7082R Firmware Anv L6012R Firmware Anv L6023R Firmware Anv L6082R Firmware Anv L7012R Firmware Anv L7082R Firmware Pnm 12082Rvd Firmware Pnm 7002Vd Firmware Pnm 7082Rvd Firmware Pnm 8082Vt Firmware Pnm 9000Qb Firmware Pnm 9000Vd Firmware Pnm 9002Vq Firmware Pnm 9022V Firmware Pnm 9031Rv Firmware Pnm 9084Qz1 Firmware Pnm 9084Rqz Firmware Pnm 9084Rqz1 Firmware Pnm 9085Rqz Firmware Pnm 9085Rqz1 Firmware Pnm 9322Vqp Firmware Pnm C12083Rvd Firmware Pnm C7083Rvd Firmware Pnm C9022Rv Firmware Qnd 6011 Firmware Qnd 6012R Firmware Qnd 6012R1 Firmware Qnd 6021 Firmware Qnd 6022R Firmware Qnd 6082R Firmware Qnd 6082R1 Firmware Qnd 70142R Firmware Qnd 7022R Firmware Qnd 7032R Firmware Qnd 7082R Firmware Qnd 8010R Firmware Qnd 8011 Firmware Qnd 8020R Firmware Qnd 8021 Firmware Qnd 8080R Firmware Qne 8011R Firmware Qnf 8010 Firmware Qnf 9010 Firmware Qno 6012R Firmware Qno 6012R1 Firmware Qno 6022R Firmware Qno 6022R1 Firmware Qno 6082R Firmware Qno 6082R1 Firmware Qno 7012R Firmware Qno 7022R Firmware Qno 7032R Firmware Qno 7082R Firmware Qno 8010R Firmware Qno 8020R Firmware Qno 8080R Firmware Qnv 7012R Firmware Qnp 6230 Firmware Qnp 6230H Firmware Qnp 6250 Firmware Qnp 6250H Firmware Qnp 6250R Firmware Qnp 6320 Firmware Qnp 6320H Firmware Qnp 6320Hs Firmware Qnp 6320R Firmware Qnv 6012R Firmware Qnv 6012R1 Firmware Qnv 6022R Firmware Qnv 6022R1 Firmware Qnv 6082R Firmware Qnv 6082R1 Firmware Qnd 6010R Firmware Qnd 6020R Firmware Qnd 6030R Firmware Qnd 6032R Firmware Qnd 6070R Firmware Qno 6010R Firmware Qno 6020R Firmware Qno 6030R Firmware Qno 6032R Firmware Qno 6070R Firmware Qnp 6230Rh Firmware Qnv 6010R Firmware Qnv 6020R Firmware Qnv 6030R Firmware Qnv 6032R Firmware Qnv 6070R Firmware Qnv 7022R Firmware Qnv 7032R Firmware Qnv 7082R Firmware Qnv 8010R Firmware Qnv 8020R Firmware Qnv 8080R Firmware Qnd 7010R Firmware Qnd 7020R Firmware Qnd 7030R Firmware Qnd 7080R Firmware Qnd 8030R Firmware Qne 7088Rv Firmware Qne 7080Rvw Firmware Qne 8021R Firmware Qno 7020R Firmware Qno 7030R Firmware Qno 7080R Firmware Qno 8030R Firmware Qnv 7010R Firmware Qnv 7020R Firmware Qnv 7030R Firmware Qnv 7080R Firmware Qnv 8030R Firmware
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 23, 2023 - 01:15 nvd
HIGH 8.8

DescriptionNVD

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function.

AnalysisAI

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Command Injection (CWE-77), which allows attackers to inject arbitrary commands into system command execution. Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function. Affected products include: Hanwhavision Ane-L6012R Firmware, Hanwhavision Ane-L7012R Firmware, Hanwhavision Ano-L6012R Firmware, Hanwhavision Ano-L6022R Firmware, Hanwhavision Ano-L6082R Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized APIs, avoid shell execution, validate input with strict allowlists.

Share

CVE-2023-31996 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy