## https://sploitus.com/exploit?id=BB4F927F-90DB-547A-BE7D-10C27E9F9BEA
This is a PoC exploit for CVE-2021-36260, a command injection vulnerability in the web server of some Hikvision product. The vulnerability allows an attacker to launch a command injection attack by sending malicious commands to the device. The exploit is implemented in Python and provides several options for verification and exploitation, including a "safe check" and an "unsafe check" mode. The safe check mode attempts to write and read to verify the vulnerability, while the unsafe check mode attempts to reboot the device for verification. The exploit also allows for launching and connecting to an SSH shell, as well as executing arbitrary commands. The target product is a Hikvision device, and the vulnerability class is command injection. The probable entry point is the web server, and the notable dependency is Python. The execution context is a command-line interface (CLI) usage, and the expected impact is remote code execution.