Podatność CVE-2021-36260

Podatność CVE-2021-36260

Publikacja: 2021-09-22

Opis:

A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

	Tytuł	Autor	Data
Med.	Hikvision Web Server Build 210702 Command Injection	bashis	25.10.2021
High	Hikvision IP Camera Unauthenticated Command Injection	bashis	01.03.2022

Typ:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

Referencje:

https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/

Podatność CVE-2021-36260

A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:

Med.

Hikvision Web Server Build 210702 Command Injection

High

Hikvision IP Camera Unauthenticated Command Injection

CWE-78

Referencje: