CVE-2026-55975

Sažetak

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

Reference

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-05.json
https://hviewsmart.com/pages/contact-us
https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05

CVSS

Base:	7.2
Impact:	5.9
Exploitability:	1.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

26-06-2026 - 23:17

Objavljeno

26-06-2026 - 23:17