CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.0%
There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
[
{
"vendor": "Hikvision",
"product": "DS-7604NI-K1 / 4P(B)",
"versions": [
{
"version": "V4.30.096build221220 and the versions prior to it",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-76xxNI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-77xxNI-Mx",
"defaultStatus": "affected",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-96xxxNI-Mxx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-76xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-77xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-86xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-96xxNXI-Ix",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-76xxNXI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-77xxNXI-Mx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "iDS-96xxxMXI-Mxx",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)",
"status": "affected"
}
]
},
{
"vendor": "Hikvision",
"product": "DS-7604NI-M1/4P",
"versions": [
{
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.01.070(not including V5.01.070)",
"status": "affected"
}
]
}
]