CVE-2026-55975

Description

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

References

• https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-05.json
• https://hviewsmart.com/pages/contact-us
• https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05