CVE-2023-28814 | THREATINT

Description

Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overseas release.

PUBLISHED Reserved 2023-03-23 | Published 2025-10-17 | Updated 2025-10-17 | Assigner hikvision

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

V1.0.0 - V1.7.0

affected

Credits

hsrc finder

References

www.hikvision.com/...securityCenter/SecurityNotices/2023-03/

cve.org (CVE-2023-28814)

nvd.nist.gov (CVE-2023-28814)

Download JSON