CVE-2026-22626

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-22626
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages.

4.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.hiksemitech.com/en/hiksemi/support/security-advisory.html
Configurations

No configuration.

History

15 Apr 2026, 00:35

Type Values Removed Values Added
Summary
  • (es) Debido a la validación insuficiente de parámetros de entrada en la interfaz, los usuarios autenticados de ciertos productos NAS de HIKSEMI pueden causar un comportamiento anómalo del dispositivo mediante la elaboración de mensajes específicos.

27 Feb 2026, 15:16

Type Values Removed Values Added
CWE CWE-233

30 Jan 2026, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-01-30 11:15

Updated : 2026-04-15 00:35

NVD link : CVE-2026-22626

Mitre link : CVE-2026-22626

CVE.ORG link : CVE-2026-22626

JSON object : View

Products Affected

No product.

CWE
CWE-233

Improper Handling of Parameters