Vulnerabilities > Hikvision > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-47485 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master There is a CSV injection vulnerability in some HikCentral Master Lite versions. | 9.8 |
| 2023-12-17 | CVE-2023-6895 | OS Command Injection vulnerability in Hikvision Intercom Broadcast System A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). | 9.8 |
| 2023-11-23 | CVE-2023-28812 | Classic Buffer Overflow vulnerability in Hikvision Localservicecomponents 1.0.0.78 There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in. | 9.8 |
| 2023-04-11 | CVE-2023-28808 | Unspecified vulnerability in Hikvision products Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. | 9.8 |
| 2022-12-19 | CVE-2022-28173 | Unspecified vulnerability in Hikvision Ds-3Wf01C-2N/O Firmware and Ds-3Wf0Ac-2Nt Firmware The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. | 9.8 |
| 2022-06-27 | CVE-2022-28171 | Command Injection vulnerability in Hikvision products The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. | 9.8 |
| 2021-09-22 | CVE-2021-36260 | OS Command Injection vulnerability in Hikvision products A command injection vulnerability in the web server of some Hikvision product. | 9.8 |
| 2019-12-27 | CVE-2013-4976 | Improper Authentication vulnerability in Hikvision Ds-2Cd7153-E Firmware Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | 9.8 |
| 2018-08-13 | CVE-2018-6414 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hikvision IP Cameras A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. | 9.8 |
| 2017-05-06 | CVE-2017-7921 | Improper Authentication vulnerability in Hikvision products An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. | 10.0 |