|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-13 | |
| Rule Name: | Hikvision iSecure Center clusters Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Hikvision iSecure Center is an integrated security management platform that consolidates video surveillance, access control, and alarm management to enhance the safety and operational efficiency of enterprises and public spaces. There is an information leakage vulnerability in the Admintoken interface of Hikvision iSecure Center, which attackers can exploit to obtain sensitive information. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |