crash.software
Projects
Pull Requests
Issues
Builds
CVE-2021-36260
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY CVE-2021-36260 Commits 74a6c862
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■
    README.md
    skipped 1 lines
    2 2  CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
    3 3   
    4 4  Exploit Title: Hikvision Web Server Build 210702 - Command Injection
     5 + 
    5 6  Exploit Author: bashis
     7 + 
    6 8  Vendor Homepage: https://www.hikvision.com/
     9 + 
    7 10  Version: 1.0
     11 + 
    8 12  CVE: CVE-2021-36260
     13 + 
    9 14  Reference: https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html
    10 15   
    11 16  # All credit to Watchful_IP
    skipped 33 lines
Please wait...
Page is in error, reload to recover