CVE-2026-3828

Published: Mag 09, 2026 Last Modified: Mag 09, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,2

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

https://www.hikvision.com/en/support/cybersecurity/security…

https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-ex…

CVE-2026-3828

Description

Iscriviti alla newsletter