CVE advisoryKnown Exploit
CVE-2021-36260
Hikvision Web Server Command Injection Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A command injection vulnerability exists in the web server of certain Hikvision products. This flaw could allow attackers to execute arbitrary commands, potentially impacting device operations and data integrity. The business risk involves unauthorized access and control over surveillance systems.