CVE-2026-55975 PUBLISHED

H.VIEW HV-500S6 IP Camera OS Command Injection

Assigner: icscert
Reserved: 22.06.2026 Published: 26.06.2026 Updated: 26.06.2026

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.2

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	High	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 8.6

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	None
Attack Complexity	Low	Integrity	High	Integrity	None
Attack Requirements	None	Availability	High	Availability	None
Privileges Required	High
User Interaction	None

CVSS 4.0

Product Status

Vendor	H.VIEW
Product	HV-500S6 IP Camera
Versions	Default: unaffected Version IPCAM_V4.06.88.251229 is affected

Workarounds

H.View did not respond to CISA's request to coordinate. Users are encouraged to reach out to H.View for support. https://hviewsmart.com/pages/contact-us https://hviewsmart.com/pages/contact-us

Credits

Fukuhara Rikuto of Smooth Inc. (CTO) and Hosei University reported this vulnerability to CISA. finder

References

Problem Types

CWE-78 CWE