Vulnerability Description
A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-17
- https://hviewsmart.com/pages/contact-us
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05
FAQ
What is CVE-2026-55975?
CVE-2026-55975 is a vulnerability with a CVSS score of 7.2 (HIGH). A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a back...
How severe is CVE-2026-55975?
CVE-2026-55975 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-55975?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.