switch
by Hikvision
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3828 | Hig | 0.47 | 7.2 | 0.01 | May 9, 2026 | Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to… | ||
| CVE-2024-8449 | 0.00 | — | 0.00 | Sep 30, 2024 | Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password. | |||
| CVE-2022-2323 | 0.00 | — | 0.01 | Jul 29, 2022 | Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions | |||
| CVE-2021-20024 | 0.00 | — | 0.01 | Jul 9, 2021 | Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations. |
- risk 0.47cvss 7.2epss 0.01
Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to…
- CVE-2024-8449Sep 30, 2024risk 0.00cvss —epss 0.00
Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password.
- CVE-2022-2323Jul 29, 2022risk 0.00cvss —epss 0.01
Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch 1.1.1.0-2s and earlier versions
- CVE-2021-20024Jul 9, 2021risk 0.00cvss —epss 0.01
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations.