CNNVD-202510-3181 Information

CNNVD ID

CNNVD-202510-3181

Related CVE

CVE-2024-58274

• CNNVD Published: 2025-10-22

Description (Chinese)

Hikvision CSMP iSecure Center是中国海康威视（Hikvision）公司的一款综合安防管理平台。 Hikvision CSMP iSecure Center 2024-08-01及之前版本存在安全漏洞，该漏洞源于对JSON数据中$()命令执行未进行验证，可能导致执行任意代码。

Description (English)

Hikvision CSMP iSecure Center is a comprehensive security management platform for Hikvision, China. There is a security loophole in the Hikvision CSMP iSecure Center 2024-08-01 and earlier versions, which stems from the failure to verify the execution of the $[) order in JSON data, which may result in the enforcement of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

海康威视

Published

2025-10-22

Last Modified

2026-02-24

References

https://forum.butian.net/article/498 https://github.com/ahisec/nuclei-tps/blob/main/ https://xz.aliyun.com/news/14639 https://access.redhat.com/security/cve/cve-2024-58274

Patch

https://www.hikvision.com/en/