PT-2025-42595 · Hikvision · Hikvision Isecure Center

Hsrc

Published

2025-10-17

Updated

2025-10-22

CVE-2023-28814

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hikvision iSecure Center versions 1.0.0 through 1.7.0

Description The software contains an improper file upload control. Insufficient verification of uploaded files allows attackers to upload malicious files to the server. This could lead to remote code execution. The software is released for the China domestic market only.

Recommendations Versions 1.0.0 through 1.7.0 should be updated when a fix becomes available.

Fix

RCE

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2023-28814

Affected Products

Hikvision Isecure Center

PT-2025-42595 · Hikvision · Hikvision Isecure Center

CVE-2023-28814

Weakness Enumeration

Related Identifiers

Affected Products

References · 9