Vulnerabilities > Hikvision > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-47485 Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master
There is a CSV injection vulnerability in some HikCentral Master Lite versions.
network
low complexity
hikvision CWE-1236
critical
 9.8
9.8
2023-12-17 CVE-2023-6895 OS Command Injection vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK).
network
low complexity
hikvision CWE-78
critical
 9.8
9.8
2023-11-23 CVE-2023-28812 Classic Buffer Overflow vulnerability in Hikvision Localservicecomponents 1.0.0.78
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
network
low complexity
hikvision CWE-120
critical
 9.8
9.8
2023-04-11 CVE-2023-28808 Unspecified vulnerability in Hikvision products
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission.
network
low complexity
hikvision
critical
 9.8
9.8
2022-06-27 CVE-2022-28171 Command Injection vulnerability in Hikvision products
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability.
network
low complexity
hikvision CWE-77
critical
 9.8
9.8
2021-09-22 CVE-2021-36260 OS Command Injection vulnerability in Hikvision products
A command injection vulnerability in the web server of some Hikvision product.
network
low complexity
hikvision CWE-78
critical
 9.8
9.8
2019-12-27 CVE-2013-4975 Improper Privilege Management vulnerability in Hikvision Ds-2Cd7153-E Firmware 4.1.0B130111
Hikvision DS-2CD7153-E IP Camera has Privilege Escalation
network
low complexity
hikvision CWE-269
critical
 9.0
9.0
2014-03-03 CVE-2013-4977 Buffer Errors vulnerability in Hikvision Ds-2Cd7153-E and Ds-2Cd7153-E Firmware
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.
network
low complexity
hikvision CWE-119
critical
 10.0
10