GCVE - cpe:2.3:o:hikvision:ds-2df6a825x-ael

Approved changes feed: RSS · Atom

cpe:2.3:o:hikvision:ds-2df6a825x-ael_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Hikvision (`fb070281-910c-5fa3-9cfd-2df1ea206306`)
Product	Ds 2Df6A825X Ael Firmware (`17c08947-6eae-5d52-bc00-8a2f98ec8c55`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-36260`	vulnerable	2026-06-03 14:44:57.603877	Details available A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. Published: 2021-09-22T12:07:55.000Z Updated: 2025-10-21T23:25:31.943Z Open on db.gcve.eu Reference links https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/ http://packetstormsecurity.com/files/164603/Hikvision-Web-Server-Build-210702-Command-Injection.html http://packetstormsecurity.com/files/166167/Hikvision-IP-Camera-Unauthenticated-Command-Injection.html https://www.cyfirma.com/wp-content/uploads/2022/08/HikvisionSurveillanceCamerasVulnerabilities.pdf https://therecord.media/experts-warn-of-widespread-exploitation-involving-hikvision-cameras/	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.