An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HHikvision Localservicecomponents
APPHikvision≤ 1.0.0.78
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Related vulnerabilities
CVE-2023-28812CRITICAL9.1PL ✓ten sam produkt
Buffer overflow w wtyczce przeglądarki Hikvision LocalServiceComponents
CVE-2021-36260CRITICAL9.8⚠ KEVten sam vendor
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input v...
CVE-2017-7921CRITICAL9.8⚠ KEVten sam vendor
An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4....
CVE-2023-28808CRITICAL9.1ten sam vendor
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to o...
CVE-2022-28173CRITICAL9.1ten sam vendor
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be us...