5 matches found
CVE-2024-58274
Hikvision CSMP Comprehensive Security Management Platform iSecure Center through 2024-08-01 allows execution of a command within $ in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025...
CVE-2023-28814
Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overse...
Hikvision Improper Input Validation
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation...
VulnCheck KEV: CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation...
CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands...