Home

Description

Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on the system.iSecure Center is software released for China's domestic market only, with no overseas release.

PUBLISHED Reserved 2023-03-23 | Published 2025-10-17 | Updated 2025-10-17 | Assigner hikvision




CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

V1.0.0 - V1.7.0
affected

Credits

hsrc finder

References

www.hikvision.com/...securityCenter/SecurityNotices/2023-04/

cve.org (CVE-2023-28815)

nvd.nist.gov (CVE-2023-28815)

Download JSON