CVE-2021-36260: Command Injection Vulnerability

A command injection vulnerability in the web server of some Hikvision products. Due to insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending messages containing malicious commands.

Related news

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory (CSA) AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link (for Russia): https://vk.com/video-149273431_456239105 Americans can’t just release a list of “20 vulnerabilities most commonly exploited in attacks on […]

Chinese APT's favorite vulnerabilities revealed

CISA, the NSA and the FBI have compiled a list of the vulnerabilities targeted by state-sponsored threat actors from China. The post Chinese APT's favorite vulnerabilities revealed appeared first on Malwarebytes Labs.

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Thousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug

The US Cybersecurity and Infrastructure Security Agency had wanted federal agencies to implement the fix for the RCE flaw in Hikvision cameras by Jan. 24, 2022.

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

A patch has been available since September 2021, yet tens of thousands of systems used by 2,300 organizations across 100 countries have still not applied the security update. The post Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover appeared first on Malwarebytes Labs.
