Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-3828
PUBLISHED
More InfoOfficial Page
Assigner-hikvision
Assigner Org ID-da451dce-859b-4e51-8b87-9c8b60d19b32
View Known Exploited Vulnerability (KEV) details
Published At-09 May, 2026 | 08:27
Updated At-09 May, 2026 | 08:27
Rejected At-
▼CVE Numbering Authority (CNA)

Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

Affected Products
Vendor
HIKVISIONHikvision
Product
DS-3E1310P-SI
Versions
Affected
  • Versions below V1.2.4_210623 (including V1.2.4_210623)
Vendor
HIKVISIONHikvision
Product
DS-3E1318P-SI
Versions
Affected
  • Versions below V1.2.0_210823 (including V1.2.0_210823)
Vendor
HIKVISIONHikvision
Product
DS-3E1326P-SI
Versions
Affected
  • Versions below V1.2.0_210823 (including V1.2.0_210823)
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Thiago Torres (torresm)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-switch-product/
N/A
Hyperlink: https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-switch-product/
Resource: N/A
Details not found