{"id":3550,"date":"2021-12-10T17:47:06","date_gmt":"2021-12-10T16:47:06","guid":{"rendered":"https:\/\/sajberinfo.com\/2022\/11\/21\/text-91\/"},"modified":"2022-12-04T13:15:08","modified_gmt":"2022-12-04T12:15:08","slug":"hikvision-proizvodi-ranjivi-na-daljinsko-preuzimanje","status":"publish","type":"post","link":"http:\/\/sajberinfo.com\/en\/2021\/12\/10\/hikvision-proizvodi-ranjivi-na-daljinsko-preuzimanje\/","title":{"rendered":"Hikvision proizvodi ranjivi na daljinsko preuzimanje"},"content":{"rendered":"<p class=\"MsoNormal\" style=\"line-height: normal; text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">Proizvodi kineskog proizvo\u0111a\u010da video nadzorne opreme <em>Hikvision<\/em> nalaze se pod napadom <a href=\"https:\/\/sajberinfo.com\/en\/2022\/04\/24\/botnet\/\" target=\"_blank\" rel=\"noopener\"><em>botnet <\/em><\/a>mre\u017ee pod nazivom <em>Moobot<\/em> koja varijanta uga\u0161ene <em>Mirai botnet<\/em> mre\u017ee. Pogo\u0111eni proizvodi su <em>IP<\/em> kamere i <em>NVR<\/em> snima\u010di sa datumom proizvodnje od 2016. godine pa do danas. Ranjivost je ozna\u010dena kao <em><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-36260\" target=\"_blank\" rel=\"noopener\">CVE-2021-36260<\/a><\/em> sa visokom ocjenom 9,8 od 10 za koju je podizvo\u0111a\u010d izdao a\u017euriranje u septembru ove godine. Ure\u0111aji koji budu preuzeti od <em>Moobot botnet<\/em> mre\u017ee koriste se za <a href=\"https:\/\/sajberinfo.com\/en\/2022\/04\/25\/ddos\/\" target=\"_blank\" rel=\"noopener\"><em>distributed denial of service<\/em> (<em>DDoS<\/em>)<\/a> napade.<\/span><\/span><\/p>\n<div id=\"attachment_3667\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-3667\" class=\"size-full wp-image-3667\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2021\/12\/Hikvision-1024x768-1.jpg\" alt=\"Hikvision under attack\" width=\"1024\" height=\"768\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2021\/12\/Hikvision-1024x768-1.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2021\/12\/Hikvision-1024x768-1-300x225.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2021\/12\/Hikvision-1024x768-1-768x576.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2021\/12\/Hikvision-1024x768-1-16x12.jpg 16w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-3667\" class=\"wp-caption-text\">Photo source: <a href=\"http:\/\/www.piqsels.com\/\" target=\"_blank\" rel=\"noopener\"><em>Piqsels<\/em><\/a><\/p><\/div>\n<p class=\"MsoNormal\" style=\"line-height: normal; text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">Sigurnosni istra\u017eiva\u010di kompanije <em>FortiGuard Labs<\/em> su objavili izvje\u0161taj u kome se vidi da <em>Moobot botnet<\/em> iskori\u0161tava navedenu ranjivost koja omogu\u0107ava daljinsko preuzimanje ure\u0111aja za \u0161to napada\u010du nisu potrebni korisni\u010dko ime i lozinka. Napad mo\u017ee biti izvr\u0161en preko <em>HTTP<\/em> (port 80) ili <em>HTTPS <\/em>(port 443), sve \u0161to je potrebno je dostupnost ure\u0111aja na Internetu. Proizvo\u0111a\u010d je izdao obavje\u0161tenje sa <a href=\"https:\/\/www.hikvision.com\/en\/support\/cybersecurity\/security-advisory\/security-notification-command-injection-vulnerability-in-some-hikvision-products\/\" target=\"_blank\" rel=\"noopener\">listom pogo\u0111enih ure\u0111aja<\/a>, koja je prili\u010dno velika. Ova lista bi mogla biti i ve\u0107a, jer nekoliko drugih proizvo\u0111a\u010da vr\u0161i rebrendiranje <em>Hikvision<\/em> kamera. Veli\u010dina ovog problema se ne mo\u017ee u potpunosti sagledati, jer i pored dostupnog a\u017euriranja, mnogo korisnika isto nije primijenilo.<\/span><\/span><\/p>\n<p class=\"MsoNormal\" style=\"line-height: normal; text-align: left;\"><span style=\"font-size: 14pt;\"><span style=\"font-family: inherit;\">Kako bi se korisnici za\u0161titili potrebno je preuzeti zadnje a\u017euriranje za <em>Hikvision<\/em> proizvode na <a href=\"https:\/\/www.hikvision.com\/en\/support\/download\/firmware\/\" target=\"_blank\" rel=\"noopener\">slu\u017ebenoj stranici<\/a>, kao i blokirati vanjski pristup portovima 80 i 443. Navedeni portovi bi trebali biti blokirani za vanjski pristup i nakon a\u017euriranja, a u slu\u010daju potrebe za daljinskim pristupom koristi <em>VPN<\/em>.<\/span><\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Proizvodi kineskog proizvo\u0111a\u010da video nadzorne opreme Hikvision nalaze se pod napadom botnet mre\u017ee pod nazivom Moobot koja varijanta uga\u0161ene Mirai botnet mre\u017ee. Pogo\u0111eni proizvodi su IP kamere i NVR snima\u010di sa datumom proizvodnje od&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":3667,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[113,114,171,63,93,78],"class_list":["post-3550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-botnet","tag-ddos","tag-hikvision","tag-lozinka","tag-malware","tag-vpn"],"_links":{"self":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/3550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=3550"}],"version-history":[{"count":0,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/3550\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/3667"}],"wp:attachment":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=3550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=3550"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=3550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}