Authenticated Remote Command Execution in Hikvision Switch Products
CVE-2026-3828

7.2 HIGH

Key Information:

Vendor: Hikvision

CVE Published: 9 May 2026

What is CVE-2026-3828?

Certain Hikvision switch products, discontinued since December 2023, are affected by an authenticated remote command execution vulnerability. The flaw stems from inadequate input validation: an attacker with valid credentials can send specially crafted packets containing malicious commands to an affected device. Successful exploitation could lead to arbitrary command execution on the device.

Affected Version(s)

DS-3E1310P-SI: versions up to and including V1.2.4_210623

DS-3E1318P-SI: versions up to and including V1.2.0_210823

DS-3E1326P-SI: versions up to and including V1.2.0_210823

CVSS V3.1

Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Thiago Torres (torresm)