Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-9527

EPSS 7.58% · P92
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-9527

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via the peer-to-peer (P2P) service. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Shenzhen Hichip Vision Technology Firmware 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Shenzhen Hichip Vision Technology Firmware是中国深圳海芯威视(Shenzhen Hichip Vision)公司的一款用于物联网设备中的固件。 Shenzhen Hichip Vision Technology Firmware V6版本至V20版本(2018-08-09至2020年)中存在安全漏洞。远程攻击者可借助P2P服务利用该漏洞执行任意代码。以下厂商受到影响:Accfly;Alptop;Anlink;Besdersec;BOAVISION;COOAU;CP
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2020-9527

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-9527

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-08-10 · 20 CVEs total

CVE-2020-17478Perl Crypt::Perl 安全漏洞
CVE-2020-6145ERPNext SQL注入漏洞
CVE-2020-6070fsck.f2fs 安全漏洞
CVE-2020-8229Nextcloud Desktop Client 资源管理错误漏洞
CVE-2020-8224Nextcloud Desktop Client 代码注入漏洞
CVE-2020-9525CS2 Network P2P 信任管理问题漏洞
CVE-2020-9526CS2 Network P2P 信息泄露漏洞
CVE-2020-9528Shenzhen Hichip Vision Technology Firmware 加密问题漏洞
CVE-2020-9529Shenzhen Hichip Vision Technology Firmware 安全漏洞
CVE-2020-17476Mibew Messenger 跨站脚本漏洞
CVE-2020-16278Carson&SAINT SAINT Security Suite 跨站脚本漏洞
CVE-2020-9243Huawei Mate 30 安全漏洞
CVE-2020-9078Huawei FusionCompute 安全漏洞
CVE-2020-17479Json Pattern Validator 输入验证错误漏洞
CVE-2020-9245Huawei P30和P30 Pro 授权问题漏洞
CVE-2020-17480Tiny Technologies TinyMCE 跨站脚本漏洞
CVE-2020-16275Carson&SAINT SAINT Security Suite 跨站脚本漏洞
CVE-2020-16276Carson&SAINT SAINT Security Suite SQL注入漏洞
CVE-2020-16277Carson&SAINT SAINT Security Suite SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2020-9527

No comments yet

Leave a comment