Vulnerabilities > Hikvision

DATE CVE VULNERABILITY TITLE RISK
2024-03-02 CVE-2024-25063 Unspecified vulnerability in Hikvision Hikcentral Professional
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
network
low complexity
hikvision
7.5
2024-03-02 CVE-2024-25064 Unspecified vulnerability in Hikvision Hikcentral Professional
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
network
low complexity
hikvision
4.3
2023-12-17 CVE-2023-6894 Unspecified vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK).
network
low complexity
hikvision
6.5
2023-12-17 CVE-2023-6895 OS Command Injection vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK).
network
low complexity
hikvision CWE-78
critical
9.8
2023-12-17 CVE-2023-6893 Path Traversal vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic.
network
low complexity
hikvision CWE-22
7.5
2023-11-23 CVE-2023-28812 Classic Buffer Overflow vulnerability in Hikvision Localservicecomponents 1.0.0.78
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
network
low complexity
hikvision CWE-120
critical
9.8
2023-11-23 CVE-2023-28813 Unspecified vulnerability in Hikvision Localservicecomponents 1.0.0.78
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
network
low complexity
hikvision
7.5
2023-11-23 CVE-2023-28811 Classic Buffer Overflow vulnerability in Hikvision products
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models.
low complexity
hikvision CWE-120
6.5
2023-06-15 CVE-2023-28810 Unspecified vulnerability in Hikvision products
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities.
low complexity
hikvision
4.3
2023-06-15 CVE-2023-28809 Session Fixation vulnerability in Hikvision products
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in.
network
high complexity
hikvision CWE-384
7.5