A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHikvision Ds 2cd2026g2 Iu\/sl
HWHikvisionwszystkie wersjeHikvision Ds 2cd2026g2 Iu\/sl Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2027g2 L\(u\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2027g2 L\(u\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2027g2 Lu\/sl
HWHikvisionwszystkie wersjeHikvision Ds 2cd2027g2 Lu\/sl Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2046g2 Iu\/sl
HWHikvisionwszystkie wersjeHikvision Ds 2cd2046g2 Iu\/sl Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2047g2 L\(u\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2047g2 L\(u\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2066g2 I\(u\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2066g2 I\(u\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2066g2 Iu\/sl
HWHikvisionwszystkie wersjeHikvision Ds 2cd2066g2 Iu\/sl Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2086g2 I\(u\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2086g2 I\(u\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2086g2 Iu\/sl
HWHikvisionwszystkie wersjeHikvision Ds 2cd2086g2 Iu\/sl Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2087g2 L\(u\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2087g2 L\(u\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2121g0 I\(w\)\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2121g0 I\(w\)\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2121g1 I\(w\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2121g1 I\(w\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2127g2 \( Su\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2127g2 \( Su\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2147g2 L\(su\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2147g2 L\(su\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2166g2 I\(su\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2166g2 I\(su\) Firmware
OSHikvisionwszystkie wersje
CISA KEV — detailsi
- Vendori
- Hikvision
- Producti
- Security cameras web server
- Added to KEVi
- January 10, 2022
- Remediation deadline (US Federal)i
- January 24, 2022(overdue)
Apply updates per vendor instructions.
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Related vulnerabilities
An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4....
Buffer overflow w wtyczce przeglądarki Hikvision LocalServiceComponents
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to o...
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be us...
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials