Primary

Context

Hikvision HikCentral Master Lite CSV Injection Vulnerability

Vulnerability

Patched

A CSV injection vulnerability has been identified in certain versions of HikCentral Master Lite. This vulnerability allows an attacker to inject executable commands through malicious CSV data. The affected versions range from 2.2.1 to 2.3.2.

Impact

Exploitation of this vulnerability could lead to CSV injection, allowing for the execution of injected commands when the CSV file is opened in a program that processes CSV data.

Remediation

Users can upgrade to version 2.4.0 to address this vulnerability.

Added: Aug 29, 2025, 3:23 AM

Updated: Aug 29, 2025, 3:23 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hikvision HikCentral Master Lite CSV Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Hikvision HikCentral Master Lite

Hikvision HikCentral Professional

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating