Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hikvision vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28812
There is a buffer overflow vulnerability in a web browser plug-in could allow an malicious user to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-i...
Hikvision Localservicecomponents
NA
CVE-2023-28811
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Hikvision Nvr-216mh-c\\(d\\) Firmware
Hikvision Nvr-216mh-c\\/16p\\(d\\) Firmware
Hikvision Nvr-208mh-c\\/8p\\(d\\) Firmware
Hikvision Nvr-104mh-c\\/4p\\(d\\) Firmware
Hikvision Nvr-104mh-c\\(d\\) Firmware
Hikvision Nvr-108mh-c\\(d\\) Firmware
Hikvision Nvr-116mh-c\\(d\\) Firmware
Hikvision Ds-7104ni-q1\\(c\\) Firmware
Hikvision Ds-7104ni-q1\\(d\\) Firmware
Hikvision Ds-7108ni-q1\\(c\\) Firmware
Hikvision Ds-7108ni-q1\\(d\\) Firmware
Hikvision Nvr-104mh-d\\(c\\) Firmware
Hikvision Nvr-104mh-d\\(d\\) Firmware
Hikvision Nvr-108h-d\\(c\\) Firmware
Hikvision Nvr-108mh-d\\(c\\) Firmware
Hikvision Nvr-108mh-d\\(d\\) Firmware
Hikvision Nvr-104mh-d\\/4p\\(c\\) Firmware
Hikvision Nvr-108h-d\\/8p\\(c\\) Firmware
Hikvision Nvr-108h-d\\/8p\\(d\\) Firmware
Hikvision Nvr-108mh-d\\/8p\\(c\\) Firmware
Hikvision Ds-7604ni-q1\\(c\\) Firmware
Hikvision Ds-7604ni-q1\\/4p\\(c\\) Firmware
NA
CVE-2023-28810
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
Hikvision Ds-k1t804af Firmware
Hikvision Ds-k1t804amf Firmware
Hikvision Ds-k1t341am Firmware
Hikvision Ds-k1t341amf Firmware
Hikvision Ds-k1t671m Firmware
Hikvision Ds-k1t671mf Firmware
Hikvision Ds-k1t671 Firmware
Hikvision Ds-k1t343efwx Firmware
Hikvision Ds-k1t343efx Firmware
Hikvision Ds-k1t343ewx Firmware
Hikvision Ds-k1t343ex Firmware
Hikvision Ds-k1t343mfwx Firmware
Hikvision Ds-k1t343mfx Firmware
Hikvision Ds-k1t343mwx Firmware
Hikvision Ds-k1t343mx Firmware
Hikvision Ds-k1t341c Firmware
Hikvision Ds-k1t320efwx Firmware
Hikvision Ds-k1t320efx Firmware
Hikvision Ds-k1t320ewx Firmware
Hikvision Ds-k1t320ex Firmware
Hikvision Ds-k1t320mfwx Firmware
Hikvision Ds-k1t320mfx Firmware
NA
CVE-2023-28809
Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gai...
Hikvision Ds-k1t320efwx Firmware -
Hikvision Ds-k1t320efx Firmware -
Hikvision Ds-k1t320ewx Firmware -
Hikvision Ds-k1t320ex Firmware -
Hikvision Ds-k1t320mfwx Firmware -
Hikvision Ds-k1t320mfx Firmware -
Hikvision Ds-k1t320mwx Firmware -
Hikvision Ds-k1t320mx Firmware -
Hikvision Ds-k1t341am Firmware -
Hikvision Ds-k1t341amf Firmware -
Hikvision Ds-k1t341cm Firmware -
Hikvision Ds-k1t343ewx Firmware -
Hikvision Ds-k1t343ex Firmware -
Hikvision Ds-k1t343mwx Firmware -
Hikvision Ds-k1t343mx Firmware -
Hikvision Ds-k1t671 Firmware -
Hikvision Ds-k1t671m Firmware -
Hikvision Ds-k1t671mf Firmware -
Hikvision Ds-k1t671t Firmware -
Hikvision Ds-k1t671tm Firmware -
Hikvision Ds-k1t671tm-3xf Firmware -
Hikvision Ds-k1t671tmf Firmware -
NA
CVE-2023-28808
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Hikvision Ds-a71024 Firmware
Hikvision Ds-a71048 Firmware
Hikvision Ds-a71072r Firmware
Hikvision Ds-a80624s Firmware
Hikvision Ds-a81016s Firmware
Hikvision Ds-a72024 Firmware
Hikvision Ds-a72072r Firmware -
Hikvision Ds-a80316s Firmware
Hikvision Ds-a82024d Firmware
Hikvision Ds-a71048r-cvs Firmware
Hikvision Ds-a72072r Firmware
NA
CVE-2022-28173
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain the admin permission. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.
Hikvision Ds-3wf0ac-2nt Firmware
Hikvision Ds-3wf01c-2n\\/o Firmware
668
VMScore
CVE-2022-28171
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affec...
Hikvision Ds-a71024 Firmware
Hikvision Ds-a71048 Firmware
Hikvision Ds-a71072r Firmware
Hikvision Ds-a80624s Firmware
Hikvision Ds-a81016s Firmware
Hikvision Ds-a72024 Firmware
Hikvision Ds-a72072r Firmware
Hikvision Ds-a80316s Firmware
Hikvision Ds-a82024d Firmware
Hikvision Ds-a71048r-cvs Firmware
Hikvision Ds-a72048r-cvs Firmware
1 Github repository
383
VMScore
CVE-2022-28172
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.
Hikvision Ds-a71024 Firmware
Hikvision Ds-a71048 Firmware
Hikvision Ds-a71072r Firmware
Hikvision Ds-a80624s Firmware
Hikvision Ds-a81016s Firmware
Hikvision Ds-a72024 Firmware
Hikvision Ds-a72072r Firmware
Hikvision Ds-a80316s Firmware
Hikvision Ds-a82024d Firmware
Hikvision Ds-a71048r-cvs Firmware
Hikvision Ds-a72048r-cvs Firmware
NA
CVE-2021-36360
Unauthenticated command injection in a variety of Hikvision IP cameras. This vulnerability was reportedly added to the Moobot botnet in December, and continues to be actively exploited.
979
VMScore
CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
Hikvision Ds-2cd2026g2-iu\\/sl Firmware -
Hikvision Ds-2cd2046g2-iu\\/sl Firmware -
Hikvision Ds-2cd2066g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2066g2-iu\\/sl Firmware -
Hikvision Ds-2cd2086g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2086g2-iu\\/sl Firmware -
Hikvision Ds-2cd2166g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-isu Firmware -
Hikvision Ds-2cd2326g2-isu\\/sl Firmware -
Hikvision Ds-2cd2346g2-isu\\/sl Firmware -
Hikvision Ds-2cd2366g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2366g2-isu\\/sl Firmware -
Hikvision Ds-2cd2386g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2386g2-isu\\/sl Firmware -
Hikvision Ds-2cd2426g2-i Firmware -
Hikvision Ds-2cd2446g2-i Firmware -
Hikvision Ds-2cd2526g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2526g2-is Firmware -
Hikvision Ds-2cd2546g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2566g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2586g2-i\\(s\\) Firmware -
1 Metasploit module
30 Github repositories
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »