There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
References
Configurations
History
22 Oct 2024, 16:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:hikvision:hikcentral_master:*:*:*:*:lite:*:*:* | |
First Time |
Hikvision
Hikvision hikcentral Master |
|
CWE | CWE-1236 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/ - Vendor Advisory |
18 Oct 2024, 12:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
18 Oct 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-18 09:15
Updated : 2024-10-22 16:23
NVD link : CVE-2024-47485
Mitre link : CVE-2024-47485
CVE.ORG link : CVE-2024-47485
JSON object : View
Products Affected
hikvision
- hikcentral_master
CWE
CWE-1236
Improper Neutralization of Formula Elements in a CSV File