Hikvision · Hikvision Switch · CVE-2026-3828
**Name of the Vulnerable Software and Affected Versions**
Hikvision switch products (affected versions not specified)
**Description**
Certain Hikvision switch products, discontinued since December 2023, contain a flaw allowing authenticated remote command execution. This issue stems from insufficient input validation, which enables attackers possessing valid credentials to execute arbitrary commands by sending crafted packets to the affected devices.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.