Vulnerabilities > Hikvision > High

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-10-18 | CVE-2024-47487 | SQL Injection vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1 | There is a SQL injection vulnerability in some HikCentral Professional versions. | network | low | hikvision | CWE-89 | 8.8 |
| 2024-03-02 | CVE-2024-25063 | Unspecified vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1 | Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to. | network | low | hikvision | - | 7.5 |
| 2023-12-17 | CVE-2023-6893 | Path Traversal vulnerability in Hikvision Intercom Broadcast System | A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. | network | low | hikvision | CWE-22 | 7.5 |
| 2023-11-23 | CVE-2023-28813 | Unspecified vulnerability in Hikvision Localservicecomponents 1.0.0.78 | An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files. | network | low | hikvision | - | 7.5 |
| 2023-06-15 | CVE-2023-28809 | Session Fixation vulnerability in Hikvision products | Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. | network | high | hikvision | CWE-384 | 7.5 |
| 2019-12-27 | CVE-2013-4975 | Improper Privilege Management vulnerability in Hikvision Ds-2Cd7153-E Firmware 4.1.0B130111 | Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | network | low | hikvision | CWE-269 | 8.8 |
| 2018-04-18 | CVE-2018-6413 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hikvision Ds-2Cd9111-S Firmware 4.1.2 | There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request. | network | low | hikvision | CWE-119 | 7.5 |
| 2017-08-30 | CVE-2017-13774 | Information Exposure vulnerability in Hikvision Ivms-4200 2.6.2.6 | Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors. | local | low | hikvision | CWE-200 | 7.8 |
| 2017-05-06 | CVE-2017-7923 | Information Exposure vulnerability in Hikvision products | A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. | network | low | hikvision | CWE-200 | 8.8 |