Hikvision: >> Hikcentral Professional >> 2.0.0 Security Vulnerabilities
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-10-18
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-03-02
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-02