HIKSEMI NAS CVE-2026-22626
MEDIUMSeverity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages.
AnalysisAI
Insufficient input validation in HIKSEMI NAS devices allows authenticated users to trigger denial of service conditions through malformed messages. An attacker with valid credentials can exploit this flaw to cause abnormal device behavior and availability disruptions without requiring user interaction. No patch is currently available to address this vulnerability.
Technical ContextAI
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages.
Affected ProductsAI
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavio
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-233 – Improper Handling of Parameters
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today