← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-36260 — Actively Exploited: Security cameras web server (Hikvision)

A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.

CVE IDCVE-2021-36260
VendorHikvision
ProductSecurity cameras web server
Vulnerability nameHikvision Improper Input Validation
Date added2022-01-10
Remediation due2022-01-24
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionA command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →