A security researcher discovered a command injection vulnerability that affects millions of Hikvision’s internet of things devices. Hikvision manufactures video-based IoT devices – including surveillance cameras, disk recorders, video codes and video servers. The flaw was first reported to the video security solutions provider on June 21, 2021. The company now says that it has fixed the flaw and also rolled out a firmware update for end users of all affected devices, based on the security researcher’s suggestions. In order to protect customers, Hikvision fixed firmware on public firmware portals before publicly announcing this problem, the company says.”]
Source: https://www.cuinfosecurity.com/critical-flaw-may-affect-millions-hikvision-devices-a-17625