CVE-2023-5037
7.2 HIGH
📋 TL;DR
This vulnerability allows authenticated attackers to execute arbitrary commands on affected Hanwha Vision cameras through command injection in request packets. Attackers with valid credentials can gain remote code execution on the camera system. This affects Hanwha Vision camera users who haven't applied the security patch.
💻 Affected Systems
Products:
- Hanwha Vision cameras
Versions: Specific versions not detailed in provided references; consult manufacturer advisory for exact affected versions
Operating Systems: Embedded camera firmware
Default Config Vulnerable:
⚠️ Yes
Notes: Requires authenticated access; cameras with default or weak credentials are particularly vulnerable
📦 What is this software?
Ane L6012r Firmware by Hanwhavision
Ane L7012r Firmware by Hanwhavision
Ano L6012r Firmware by Hanwhavision
Ano L6022r Firmware by Hanwhavision
Ano L6082r Firmware by Hanwhavision
Ano L7012r Firmware by Hanwhavision
Ano L7022r Firmware by Hanwhavision
Ano L7082r Firmware by Hanwhavision
Anv L6012r Firmware by Hanwhavision
Anv L6023r Firmware by Hanwhavision
Anv L6082r Firmware by Hanwhavision
Anv L7012r Firmware by Hanwhavision
Anv L7082r Firmware by Hanwhavision
Lnd 6012r Firmware by Hanwhavision
Lnd 6022r Firmware by Hanwhavision
Lnd 6032r Firmware by Hanwhavision
Lnd 6072r Firmware by Hanwhavision
Lno 6012r Firmware by Hanwhavision
Lno 6022r Firmware by Hanwhavision
Lno 6032r Firmware by Hanwhavision
Lno 6072r Firmware by Hanwhavision
Lnv 6012r Firmware by Hanwhavision
Lnv 6022r Firmware by Hanwhavision
Lnv 6032r Firmware by Hanwhavision
Lnv 6072r Firmware by Hanwhavision
Pnm 12082rvd Firmware by Hanwhavision
Pnm 7002vd Firmware by Hanwhavision
Pnm 7082rvd Firmware by Hanwhavision
Pnm 8082vt Firmware by Hanwhavision
Pnm 9000qb Firmware by Hanwhavision
Pnm 9002vq Firmware by Hanwhavision
Pnm 9022v Firmware by Hanwhavision
Pnm 9031rv Firmware by Hanwhavision
Pnm 9084qz Firmware by Hanwhavision
Pnm 9084qz1 Firmware by Hanwhavision
Pnm 9084rqz Firmware by Hanwhavision
Pnm 9084rqz1 Firmware by Hanwhavision
Pnm 9085rqz Firmware by Hanwhavision
Pnm 9085rqz1 Firmware by Hanwhavision
Pnm 9322vqp Firmware by Hanwhavision
Pnm C9022rv Firmware by Hanwhavision
Qnb 8002 Firmware by Hanwhavision
Qnd 6011 Firmware by Hanwhavision
Qnd 6012r Firmware by Hanwhavision
Qnd 6012r1 Firmware by Hanwhavision
Qnd 6021 Firmware by Hanwhavision
Qnd 6022r Firmware by Hanwhavision
Qnd 6022r1 Firmware by Hanwhavision
Qnd 6032r Firmware by Hanwhavision
Qnd 6032r1 Firmware by Hanwhavision
Qnd 6072r Firmware by Hanwhavision
Qnd 6072r1 Firmware by Hanwhavision
Qnd 6073r Firmware by Hanwhavision
Qnd 6082r Firmware by Hanwhavision
Qnd 6082r1 Firmware by Hanwhavision
Qnd 6083r Firmware by Hanwhavision
Qnd 7012r Firmware by Hanwhavision
Qnd 7022r Firmware by Hanwhavision
Qnd 7032r Firmware by Hanwhavision
Qnd 7082r Firmware by Hanwhavision
Qnd 8010r Firmware by Hanwhavision
Qnd 8011 Firmware by Hanwhavision
Qnd 8020r Firmware by Hanwhavision
Qnd 8021 Firmware by Hanwhavision
Qnd 8030r Firmware by Hanwhavision
Qnd 8080r Firmware by Hanwhavision
Qne 8011r Firmware by Hanwhavision
Qne 8021r Firmware by Hanwhavision
Qno 6012r Firmware by Hanwhavision
Qno 6012r1 Firmware by Hanwhavision
Qno 6014r Firmware by Hanwhavision
Qno 6022r Firmware by Hanwhavision
Qno 6022r1 Firmware by Hanwhavision
Qno 6032r Firmware by Hanwhavision
Qno 6032r1 Firmware by Hanwhavision
Qno 6072r Firmware by Hanwhavision
Qno 6072r1 Firmware by Hanwhavision
Qno 6073r Firmware by Hanwhavision
Qno 6082r Firmware by Hanwhavision
Qno 6082r1 Firmware by Hanwhavision
Qno 6083r Firmware by Hanwhavision
Qno 6084r Firmware by Hanwhavision
Qno 7012r Firmware by Hanwhavision
Qno 7022r Firmware by Hanwhavision
Qno 7032r Firmware by Hanwhavision
Qno 7082r Firmware by Hanwhavision
Qno 8010r Firmware by Hanwhavision
Qno 8020r Firmware by Hanwhavision
Qno 8030r Firmware by Hanwhavision
Qno 8080r Firmware by Hanwhavision
Qnv 6012r Firmware by Hanwhavision
Qnv 6012r1 Firmware by Hanwhavision
Qnv 6014r Firmware by Hanwhavision
Qnv 6022r Firmware by Hanwhavision
Qnv 6022r1 Firmware by Hanwhavision
Qnv 6023r Firmware by Hanwhavision
Qnv 6024rm Firmware by Hanwhavision
Qnv 6032r Firmware by Hanwhavision
Qnv 6032r1 Firmware by Hanwhavision
Qnv 6072r Firmware by Hanwhavision
Qnv 6072r1 Firmware by Hanwhavision
Qnv 6073r Firmware by Hanwhavision
Qnv 6082r Firmware by Hanwhavision
Qnv 6082r1 Firmware by Hanwhavision
Qnv 6083r Firmware by Hanwhavision
Qnv 6084r Firmware by Hanwhavision
Qnv 7012r Firmware by Hanwhavision
Qnv 7022r Firmware by Hanwhavision
Qnv 7032r Firmware by Hanwhavision
Qnv 7082r Firmware by Hanwhavision
Qnv 8010r Firmware by Hanwhavision
Qnv 8020r Firmware by Hanwhavision
Qnv 8030r Firmware by Hanwhavision
Qnv 8080r Firmware by Hanwhavision
Tnv C7013rc Firmware by Hanwhavision
Xnb 6002 Firmware by Hanwhavision
Xnb 6003 Firmware by Hanwhavision
Xnb 8002 Firmware by Hanwhavision
Xnb 8003 Firmware by Hanwhavision
Xnb 9002 Firmware by Hanwhavision
Xnb 9003 Firmware by Hanwhavision
Xnd 6083rv Firmware by Hanwhavision
Xnd 8082rf Firmware by Hanwhavision
Xnd 8082rv Firmware by Hanwhavision
Xnd 8083rv Firmware by Hanwhavision
Xnd 8093rv Firmware by Hanwhavision
Xnd 9082rf Firmware by Hanwhavision
Xnd 9082rv Firmware by Hanwhavision
Xnd 9083rv Firmware by Hanwhavision
Xnd C6083rv Firmware by Hanwhavision
Xnd C7083rv Firmware by Hanwhavision
Xnd C8083rv Firmware by Hanwhavision
Xnd C9083rv Firmware by Hanwhavision
Xnf 9010rs Firmware by Hanwhavision
Xnf 9010rv Firmware by Hanwhavision
Xnf 9010rvm Firmware by Hanwhavision
Xnf 9013rv Firmware by Hanwhavision
Xno 6083r Firmware by Hanwhavision
Xno 6123r Firmware by Hanwhavision
Xno 8082r Firmware by Hanwhavision
Xno 8083r Firmware by Hanwhavision
Xno 9082r Firmware by Hanwhavision
Xno 9083r Firmware by Hanwhavision
Xno C6083r Firmware by Hanwhavision
Xno C7083r Firmware by Hanwhavision
Xno C8083r Firmware by Hanwhavision
Xno C9083r Firmware by Hanwhavision
Xnp 6400 Firmware by Hanwhavision
Xnp 6400r Firmware by Hanwhavision
Xnp 6400rw Firmware by Hanwhavision
Xnp 8250 Firmware by Hanwhavision
Xnp 8250r Firmware by Hanwhavision
Xnp 8300rw Firmware by Hanwhavision
Xnp 9250 Firmware by Hanwhavision
Xnp 9250r Firmware by Hanwhavision
Xnp 9300rw Firmware by Hanwhavision
Xnp C6403 Firmware by Hanwhavision
Xnp C6403r Firmware by Hanwhavision
Xnp C6403rw Firmware by Hanwhavision
Xnp C8253 Firmware by Hanwhavision
Xnp C8253r Firmware by Hanwhavision
Xnp C8303rw Firmware by Hanwhavision
Xnp C9253 Firmware by Hanwhavision
Xnp C9253r Firmware by Hanwhavision
Xnp C9303rw Firmware by Hanwhavision
Xnp C9310r Firmware by Hanwhavision
Xnv 6083r Firmware by Hanwhavision
Xnv 6083rz Firmware by Hanwhavision
Xnv 6083z Firmware by Hanwhavision
Xnv 6123r Firmware by Hanwhavision
Xnv 8082r Firmware by Hanwhavision
Xnv 8083r Firmware by Hanwhavision
Xnv 8083rz Firmware by Hanwhavision
Xnv 8083z Firmware by Hanwhavision
Xnv 8093r Firmware by Hanwhavision
Xnv 9082r Firmware by Hanwhavision
Xnv 9083r Firmware by Hanwhavision
Xnv 9083rz Firmware by Hanwhavision
Xnv C6083 Firmware by Hanwhavision
Xnv C6083r Firmware by Hanwhavision
Xnv C7083r Firmware by Hanwhavision
Xnv C8083r Firmware by Hanwhavision
Xnv C9083r Firmware by Hanwhavision
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of camera system allowing attackers to execute arbitrary commands, potentially gaining persistent access, disabling security features, or using the camera as a pivot point into the network.
Likely Case
Attackers with stolen or default credentials execute commands to disrupt camera functionality, exfiltrate video feeds, or install malware for persistence.
If Mitigated
With proper network segmentation, strong authentication, and regular patching, impact is limited to isolated camera systems with minimal network access.
🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM
🎯 Exploit Status
Public PoC:
✅ No
Weaponized:
UNKNOWN
Unauthenticated Exploit:
✅ No
Complexity:
LOW
Exploitation requires authentication but command injection is straightforward once authenticated
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Specific version not provided; refer to manufacturer firmware updates
Vendor Advisory: https://www.hanwhavision.com/wp-content/uploads/2024/06/Camera-Vulnerability-Report-CVE-2023-5037-5038.pdf
Restart Required: Yes
Instructions:
1. Download latest firmware from Hanwha Vision support portal. 2. Upload firmware to camera via web interface. 3. Apply update and restart camera.
🔧 Temporary Workarounds
Network segmentation
allIsolate cameras on separate VLAN with restricted access
Strong authentication
allEnforce complex passwords and disable default credentials
🧯 If You Can't Patch
- Implement strict network access controls to limit camera communication
- Monitor for unusual command execution patterns in camera logs
🔍 How to Verify
Check if Vulnerable:
Check camera firmware version against manufacturer's patched versions listCheck Version:
Check via camera web interface: System > Information > Firmware VersionVerify Fix Applied:
Verify firmware version matches or exceeds patched version from vendor advisory📡 Detection & Monitoring
Log Indicators:
- Unusual command execution in system logs
- Multiple failed authentication attempts followed by successful login
Network Indicators:
- Unusual outbound connections from camera
- Suspicious payloads in HTTP requests to camera
SIEM Query:
source="camera_logs" AND (event="command_execution" OR event="system_call")