CVE-2023-31996
8.8 HIGH
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary commands on Hanwha IP Camera ANE-L7012R devices by exploiting improper input sanitization in the NAS storage test function. Attackers can gain full control of affected cameras, potentially compromising video feeds and network security. Organizations using these specific camera models with vulnerable firmware are affected.
💻 Affected Systems
Products:
- Hanwha IP Camera ANE-L7012R
Versions: 1.41.01
Operating Systems: Embedded Linux
Default Config Vulnerable:
⚠️ Yes
Notes: Only affects specific camera model with exact firmware version. NAS storage test function must be accessible.
📦 What is this software?
Ane L6012r Firmware by Hanwhavision
Ane L7012r Firmware by Hanwhavision
Ano L6012r Firmware by Hanwhavision
Ano L6022r Firmware by Hanwhavision
Ano L6082r Firmware by Hanwhavision
Ano L7012r Firmware by Hanwhavision
Ano L7022r Firmware by Hanwhavision
Ano L7082r Firmware by Hanwhavision
Anv L6012r Firmware by Hanwhavision
Anv L6023r Firmware by Hanwhavision
Anv L6082r Firmware by Hanwhavision
Anv L7012r Firmware by Hanwhavision
Anv L7082r Firmware by Hanwhavision
Pnm 12082rvd Firmware by Hanwhavision
Pnm 7002vd Firmware by Hanwhavision
Pnm 7082rvd Firmware by Hanwhavision
Pnm 8082vt Firmware by Hanwhavision
Pnm 9000qb Firmware by Hanwhavision
Pnm 9000vd Firmware by Hanwhavision
Pnm 9002vq Firmware by Hanwhavision
Pnm 9022v Firmware by Hanwhavision
Pnm 9031rv Firmware by Hanwhavision
Pnm 9084qz1 Firmware by Hanwhavision
Pnm 9084rqz Firmware by Hanwhavision
Pnm 9084rqz1 Firmware by Hanwhavision
Pnm 9085rqz Firmware by Hanwhavision
Pnm 9085rqz1 Firmware by Hanwhavision
Pnm 9322vqp Firmware by Hanwhavision
Pnm C7083rvd Firmware by Hanwhavision
Pnm C9022rv Firmware by Hanwhavision
Qnd 6010r Firmware by Hanwhavision
Qnd 6011 Firmware by Hanwhavision
Qnd 6012r Firmware by Hanwhavision
Qnd 6012r1 Firmware by Hanwhavision
Qnd 6020r Firmware by Hanwhavision
Qnd 6021 Firmware by Hanwhavision
Qnd 6022r Firmware by Hanwhavision
Qnd 6030r Firmware by Hanwhavision
Qnd 6032r Firmware by Hanwhavision
Qnd 6070r Firmware by Hanwhavision
Qnd 6082r Firmware by Hanwhavision
Qnd 6082r1 Firmware by Hanwhavision
Qnd 7010r Firmware by Hanwhavision
Qnd 70142r Firmware by Hanwhavision
Qnd 7020r Firmware by Hanwhavision
Qnd 7022r Firmware by Hanwhavision
Qnd 7030r Firmware by Hanwhavision
Qnd 7032r Firmware by Hanwhavision
Qnd 7080r Firmware by Hanwhavision
Qnd 7082r Firmware by Hanwhavision
Qnd 8010r Firmware by Hanwhavision
Qnd 8011 Firmware by Hanwhavision
Qnd 8020r Firmware by Hanwhavision
Qnd 8021 Firmware by Hanwhavision
Qnd 8030r Firmware by Hanwhavision
Qnd 8080r Firmware by Hanwhavision
Qne 7080rvw Firmware by Hanwhavision
Qne 7088rv Firmware by Hanwhavision
Qne 8011r Firmware by Hanwhavision
Qne 8021r Firmware by Hanwhavision
Qnf 8010 Firmware by Hanwhavision
Qnf 9010 Firmware by Hanwhavision
Qno 6010r Firmware by Hanwhavision
Qno 6012r Firmware by Hanwhavision
Qno 6012r1 Firmware by Hanwhavision
Qno 6020r Firmware by Hanwhavision
Qno 6022r Firmware by Hanwhavision
Qno 6022r1 Firmware by Hanwhavision
Qno 6030r Firmware by Hanwhavision
Qno 6032r Firmware by Hanwhavision
Qno 6070r Firmware by Hanwhavision
Qno 6082r Firmware by Hanwhavision
Qno 6082r1 Firmware by Hanwhavision
Qno 7012r Firmware by Hanwhavision
Qno 7020r Firmware by Hanwhavision
Qno 7022r Firmware by Hanwhavision
Qno 7030r Firmware by Hanwhavision
Qno 7032r Firmware by Hanwhavision
Qno 7080r Firmware by Hanwhavision
Qno 7082r Firmware by Hanwhavision
Qno 8010r Firmware by Hanwhavision
Qno 8020r Firmware by Hanwhavision
Qno 8030r Firmware by Hanwhavision
Qno 8080r Firmware by Hanwhavision
Qnp 6230 Firmware by Hanwhavision
Qnp 6230h Firmware by Hanwhavision
Qnp 6230rh Firmware by Hanwhavision
Qnp 6250 Firmware by Hanwhavision
Qnp 6250h Firmware by Hanwhavision
Qnp 6250r Firmware by Hanwhavision
Qnp 6320 Firmware by Hanwhavision
Qnp 6320h Firmware by Hanwhavision
Qnp 6320hs Firmware by Hanwhavision
Qnp 6320r Firmware by Hanwhavision
Qnv 6010r Firmware by Hanwhavision
Qnv 6012r Firmware by Hanwhavision
Qnv 6012r1 Firmware by Hanwhavision
Qnv 6020r Firmware by Hanwhavision
Qnv 6022r Firmware by Hanwhavision
Qnv 6022r1 Firmware by Hanwhavision
Qnv 6030r Firmware by Hanwhavision
Qnv 6032r Firmware by Hanwhavision
Qnv 6070r Firmware by Hanwhavision
Qnv 6082r Firmware by Hanwhavision
Qnv 6082r1 Firmware by Hanwhavision
Qnv 7010r Firmware by Hanwhavision
Qnv 7012r Firmware by Hanwhavision
Qnv 7020r Firmware by Hanwhavision
Qnv 7022r Firmware by Hanwhavision
Qnv 7030r Firmware by Hanwhavision
Qnv 7032r Firmware by Hanwhavision
Qnv 7080r Firmware by Hanwhavision
Qnv 7082r Firmware by Hanwhavision
Qnv 8010r Firmware by Hanwhavision
Qnv 8020r Firmware by Hanwhavision
Qnv 8030r Firmware by Hanwhavision
Qnv 8080r Firmware by Hanwhavision
⚠️ Risk & Real-World Impact
Worst Case
Complete device takeover leading to persistent backdoor installation, video feed interception, lateral movement to internal networks, and use as botnet nodes for DDoS attacks.
Likely Case
Unauthorized access to camera controls, video feed manipulation, credential theft, and device configuration changes.
If Mitigated
Limited to isolated camera compromise without network propagation if proper segmentation and monitoring are in place.
🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM
🎯 Exploit Status
Public PoC:
✅ No
Weaponized:
UNKNOWN
Unauthenticated Exploit:
⚠️ Yes
Complexity:
LOW
Command injection vulnerabilities typically have low exploitation complexity once the attack vector is identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Later than 1.41.01
Vendor Advisory: https://hanwhavisionamerica.com/download/50042/
Restart Required: Yes
Instructions:
1. Download latest firmware from Hanwha support portal. 2. Backup camera configuration. 3. Upload firmware via web interface. 4. Reboot camera. 5. Verify firmware version.
🔧 Temporary Workarounds
Disable NAS Storage Test Function
allRemove or restrict access to the vulnerable NAS storage test feature
Network Segmentation
allIsolate cameras on separate VLAN with strict firewall rules
🧯 If You Can't Patch
- Implement strict network segmentation to isolate cameras from critical networks
- Deploy network-based IPS/IDS with command injection detection rules
🔍 How to Verify
Check if Vulnerable:
Check firmware version via camera web interface: System > Information > Firmware VersionCheck Version:
curl -k https://[CAMERA_IP]/stw-cgi/system.cgi?msubmenu=info&action=viewVerify Fix Applied:
Confirm firmware version is updated beyond 1.41.01 and test NAS storage function with malicious inputs📡 Detection & Monitoring
Log Indicators:
- Unusual command execution in system logs
- Multiple failed NAS test attempts
- Unexpected system process creation
Network Indicators:
- Unusual outbound connections from camera
- Command and control traffic patterns
- Unexpected port scanning from camera
SIEM Query:
source="camera_logs" AND ("nas test" OR "command injection" OR "system.cgi")