CVE-2023-28815

Name of the Vulnerable Software and Affected Versions Hikvision iSecure Center (affected versions not specified)

Description The software contains insufficient parameter validation, leading to a command injection issue. Attackers may be able to gain platform privileges and execute arbitrary commands on the system. The software is released for China's domestic market only, with no overseas release. The root cause is inadequate parameter validation within the application, allowing malicious actors to craft inputs that are executed as commands on the underlying system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.