CVE-2023-6893 — AI Deep Analysis Summary

🚨 **Essence**: Path Traversal (CWE-22) in Hikvision Intercom Broadcasting System. 📉 **Consequences**: Attackers can read arbitrary files on the server via the `downname` parameter in `/php/exportrecord.php`.…

🛡️ **Root Cause**: Improper input validation on the `downname` parameter.…

🏢 **Vendor**: Hikvision (China). 📦 **Product**: Intercom Broadcasting System. 📅 **Affected Version**: Specifically **3.0.3_20201113_RELEASE(HIK)**. Check if your deployment matches this exact release string.

💻 **Privileges**: Network Access (AV:A). 🔓 **Data Access**: Can read sensitive server files. 📊 **Impact**: **Low** Confidentiality (C:L), No Integrity/Availability loss.…

⚠️ **Threshold**: **Low**. 🌐 **Auth**: No authentication required (PR:N). 🖱️ **UI**: No user interaction needed (UI:N). 📡 **Vector**: Adjacent Network (AV:A).…

🔍 **Public Exploit**: Yes. 📂 **Source**: GitHub repository `willchen0011/cve` contains a download/exploit file. 📝 **VDB**: Technical descriptions and signatures are available on VulDB (ID 248252).…

🔎 **Self-Check**: Scan for the endpoint `/php/exportrecord.php`. 🧪 **Test**: Send a request with `downname=../../../../etc/passwd` (or equivalent sensitive file).…

🛡️ **Official Fix**: The CVE was published on **2023-12-17**. 📜 **Status**: While the CVE exists, the provided data does not explicitly list a patch link. However, Hikvision typically releases security updates.…

🚧 **Workaround**: If no patch is available: 🚫 **Block Access**: Restrict network access to `/php/exportrecord.php` via firewall/WAF.…

⚡ **Urgency**: **Medium-High**. 📅 **Priority**: P2. Although the impact is 'Low' (Info Disclosure), the **Zero-Auth** nature and **Low Exploitation Difficulty** make it attractive for attackers.…