All vulnerabilities
CVE-2021-36260
Hikvision Improper Input Validation
Hikvision — Security cameras web server
- Added to KEV catalog
- 10 January 2022
- Federal remediation due date
- 24 January 2022
- Weakness classification (CWE)
- CWE-78
CISA Description
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-36260
More Hikvision Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services