CVE ID
CVE-2021-36260
Vulnerability Name
Hikvision Improper Input Validation
- Project: Hikvision
- Product: Security cameras web server
Date
- Date Added: 2022-01-10
- Due Date: 2022-01-24
Description
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-36260
Related Security News
- Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
- CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
Top comments (0)