🟠 高危 | CVE-2026-56414 — A vulnerability exists in H.View IP cameras certif...
🟠 CVE-2026-56414
CVSS 评分: 8.6(高危) | 状态: Received | 发布时间: 2026-06-26
漏洞描述
A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or malformed data in locations intended for trusted certificate material, which could affect system integrity or behavior even after reboot.
漏洞详情
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-56414 |
| CVSS 评分 | 8.6(高危) |
| CVSS 向量 | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| CWE | CWE-434 |
| 发布时间 | 2026-06-26 |
| 最后更新 | 2026-06-26 |
| 状态 | Received |
| 数据来源 | ics-cert@hq.dhs.gov |
参考链接
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-05.json
- https://hviewsmart.com/pages/contact-us
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05
🤖 本文由 CVE 安全快讯机器人自动生成
数据来源: NVD (National Vulnerability Database) | 获取时间: 2026-06-27 09:06
💬 评论