Hikvision Streaming Media Management Server Default Credentials & Arbitrary File Read

Advisories

Hikvision Streaming Media Management Server Default Credentials & Arbitrary File Read

severity: high
date: 6/30/2025
Affecting: Streaming Media Management Server v2.3.5
CVE: CVE-2025-34058
CVE type: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'),CWE-521 Weak Password Requirements
CVSS: 8.7
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
References: Shadowserver Exploitation Evidence
CSDN Blog
CNVD-2021-14544
Description: Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After authenticating with these credentials, an attacker can exploit an arbitrary file read vulnerability in the /systemLog/downFile.php endpoint via directory traversal in the fileName parameter. This exploit chain can enable unauthorized access to sensitive system files. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-14 UTC.
VulnCheck KEV: This advisory is in the VulnCheck KEV database

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo