CVE-2021-36260 is a command injection vulnerability impacting multiple Hikvision products. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

Packet Storm exploit –

Known Counter Measures:

Hikvision addressed the vulnerability in security notification with updated versions.

Links to patches(if available)