Primary

Context

Hikvision iSecure Center Improper File Upload Vulnerability

Vulnerability

A vulnerability allowing arbitrary file upload has been identified in Hikvision's iSecure Center software, versions 1.0.0 prior to 1.7.0. This issue arises from inadequate validation of uploaded files, enabling attackers to upload malicious files to the server. The vulnerability could lead to unauthorized access to service permissions or cause abnormal service behavior.

Impact

Exploitation of this vulnerability could result in unauthorized file uploads, potentially leading to execution of malicious files on the server or disruption of normal service operations.

Remediation

Users can download the patch for this vulnerability from the Hikvision download link provided in the official security notice. For technical support, Hikvision users can contact HSRC via email.

Added: Oct 17, 2025, 11:16 AM

Updated: Oct 17, 2025, 1:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hikvision iSecure Center Improper File Upload Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating