Vulnerability Details: CVE-2021-36260
Public exploit exists!
A command injection vulnerability exists in the web server of some Hikvision products. Due to insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending messages containing malicious commands.
Published: 2021-09-22 13:15:08
Updated: 2022-10-27 21:18:55
Products affected by CVE-2021-36260
- cpe:2.3:o:hikvision:ds-2cd2026g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2046g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2066g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2066g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2086g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2086g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2166g2-i\(su\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2186g2-i\(su\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2186g2-isu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2326g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2346g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2366g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2366g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2386g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2386g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2426g2-i_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2446g2-i_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2526g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2526g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2546g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2566g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2586g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2626g2-izsu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2646g2-izsu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2666g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2666g2-izsu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2686g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2686g2-izsu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2766g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2786g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2027g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2047g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2027g2-lu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2087g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2127g2-\(-su\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2147g2-l\(su\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2327g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2347g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2347g2-lsu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2387g2-l\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2527g2-ls_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2547g2-ls_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2547g2-lzs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2121g0-i\(w\)\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2321g0-i\/nf_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2421g0-i\(d\)\(w\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2421g0-i\(d\)w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2621g0-i\(z\)\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2721g0-i\(z\)\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2121g1-i\(w\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2121g1_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2121g1-idw_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2023g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2043g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2063g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2083g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2123g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2123g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2143g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2143g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2163g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2163g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2183g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2183g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2323g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2343g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2363g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2183g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2523g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2543g2-i\(ws\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2563g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2583g2-i\(s\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2623g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2643g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2663g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2683g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2723g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2743g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2763g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2783g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3023g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3043g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3063g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3123g2-i\(s\)u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3143g2-i\(s\)u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3163g2-i\(s\)u_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3323g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3343g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3363g2-iu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3523g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3543g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3563g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3623g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3643g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3663g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3723g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3743g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3763g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2021g1-i\(w\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2383g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd2523g2-i\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3026g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3056g2iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3126g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3126g2-is\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3156g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3156g2-is\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3186g2-is\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3326g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3356g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3356g2-is\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3356g2-isu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3386g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3386g2-is\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3526g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3556g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3586g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3626g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3726g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3026g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3056g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3056g2-iu\/sl_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3086g2-is_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3656g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3686g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3756g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3786g2-izs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3047g2-ls_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3347g2-ls\(u\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2cd3547g2-ls_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2xe6242f-is\/316l\(b\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2xe6422fwd-izhrs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2xe6442f-izhrs\(b\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2xe6452f-izh\(r\)s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2xe6482f-izhrs_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dyh2a0ixs-d\(t2\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9236i8x-a_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9236i8x-a\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9236ix-a\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9236x-a\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9240ix-a\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy9250izs-a\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2dy92500x-a\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n2204i-de3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n2404i-de3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n4215-de3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n4215i-de_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n4225i-de_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ptz-n5225i-a_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df5225x-ae3\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df5225x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df5232x-ae3\)t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df5232x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a225x-ael\)t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a236x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a425x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a436x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a436x-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a436x-aely\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a825x-ael_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df6a836x-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df7225ix-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df7225ix-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df7232ix-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df7232ix-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ih-ael_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ih-ael\(w\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ix-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ix-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ix-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8225ix-aelw\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8236i5x-aelw_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242i5x-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242i5x-aelw\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242i5x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242ix-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242ix-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8242ix-aely\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8250i8x-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8425ix-ael\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8425ix-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8425ix-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8425ix-aelw\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8436i5x-aelw\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8442ixs-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8442ixs-aelw\(t2\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8442ixs-aelw\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8442ixs-aelwy\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8442ixs-aely\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a442ixs-ael\(t2\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a442ixs-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a442ixs-aely\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a442ixs-af\/sp\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a442nxs-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2df8a842ixs-ael\(t5\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ids-2pt9a144mxs-d\/t2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ids-2sk718mxs-d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ids-2sk8144ixs-d\/j_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ids-2vs435-f840-ey_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ids-2vs435-f840-ey\(t3\)_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td1217b-3\/pa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td1217b-6\/pa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td1117-2\/pa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td1117-3\/pa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td1117-6\/pa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4136t-9_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4137-25\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4137-50\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4166t-9_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4167-25\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td4167-50\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6236t-50h2l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6237-50h4l\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6237-75c4l\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6266t-25h2l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6266t-50h2l_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6267-100c4l\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6267-100c4l\/wy_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6267-50h4l\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6267-75c4l\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td6267-75c4l\/wy_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8166-100c2f\/v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8166-150ze2f\/v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8166-150zh2f\/v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8166-180ze2f\/v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8166-75c2f\/v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8167-150zc4f\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8167-190ze2f\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8167-190ze2f\/wy_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8167-230zg2f\/w_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-2td8167-230zg2f\/wy_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-7604ni-k1_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-760ni-k1\/4p_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-7604ni-k1\/4p\/4g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-7608ni-k1_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-7608ni-k1\/4g_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:hikvision:ds-7608ni-k1\/8p_firmware:-:*:*:*:*:*:*:*
- Hikvision » Ds-7608ni-k1/8p/4g Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7608ni-k1\/8p\/4g_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7616ni-k1 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7616ni-k1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7604ni-q1 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7604ni-q1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7604ni-q1/4p Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7604ni-q1\/4p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7608ni-q1 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7608ni-q1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7608ni-q1/8p Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7608ni-q1\/8p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7608ni-q2 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7608ni-q2_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7608ni-q2/8p Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7608ni-q2\/8p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7616ni-q1 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7616ni-q1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7616ni-q2 Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7616ni-q2_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7616ni-q2/16p Firmware, versions from 4.30.210 (inclusive) up to 4.31.000 (inclusive): cpe:2.3:o:hikvision:ds-7616ni-q2\/16p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7104ni-q1 Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7104ni-q1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7104ni-q1/4p Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7104ni-q1\/4p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7104ni-q1/4p/m Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7104ni-q1\/4p\/m_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7104ni-q1/m Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7104ni-q1\/m_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7108ni-q1 Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7108ni-q1_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7108ni-q1/8p Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7108ni-q1\/8p_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7108ni-q1/8p/m Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7108ni-q1\/8p\/m_firmware:*:*:*:*:*:*:*:*
- Hikvision » Ds-7108ni-q1/m Firmware, versions from 4.30.300 (inclusive) up to 4.31.100 (inclusive): cpe:2.3:o:hikvision:ds-7108ni-q1\/m_firmware:*:*:*:*:*:*:*:*
At most 200 conditions are displayed on this page to prevent potential performance issues; please refer to NVD for more details.
CVE-2021-36260 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name: Hikvision Improper Input Validation
CISA required action: Apply updates per vendor instructions.
CISA description: A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-36260
Added on: 2022-01-10
Action due date: 2022-01-24
Exploit prediction scoring system (EPSS) score for CVE-2021-36260
97.46%: Probability of exploitation activity in the next 30 days
~ 100 %: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2021-36260
- Hikvision IP Camera Unauthenticated Command Injection
  Disclosure Date: 2021-09-18
  First seen: 2022-12-23
  exploit/linux/http/hikvision_cve_2021_36260_blind
  This module exploits an unauthenticated command injection in a variety of Hikvision IP cameras (CVE-2021-36260). The module inserts a command into an XML payload used with an HTTP PUT request sent to the `/SDK/webLanguage` endpoint, resulting in command execution.
CVSS scores for CVE-2021-36260
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2021-36260
- The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-36260
- https://www.cyfirma.com/wp-content/uploads/2022/08/HikvisionSurveillanceCamerasVulnerabilities.pdf
  Exploit; Third Party Advisory
- https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/
  Security Notification - Command Injection Vulnerability in Some Hikvision products | Security Advisory | Hikvision
  Vendor Advisory
- http://packetstormsecurity.com/files/166167/Hikvision-IP-Camera-Unauthenticated-Command-Injection.html
  Hikvision IP Camera Unauthenticated Command Injection ≈ Packet Storm
  Exploit; Third Party Advisory; VDB Entry
- https://therecord.media/experts-warn-of-widespread-exploitation-involving-hikvision-cameras/
  Experts warn of widespread exploitation involving Hikvision cameras - The Record by Recorded Future
  Third Party Advisory
- http://packetstormsecurity.com/files/164603/Hikvision-Web-Server-Build-210702-Command-Injection.html
  Hikvision Web Server Build 210702 Command Injection ≈ Packet Storm
  Exploit; Third Party Advisory; VDB Entry