CVE-2023-53691
HIGH EXPLOITEDHikvision CSMP iSecure Center <2023-06-25 - Path Traversal
Title source: llmExploitation Summary
CVE-2023-53691 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2023-06-25 allows file upload via /center/api/files directory traversal, as exploited in the wild in 2024 and 2025.
References (1)
Core 1
Core References
Various Sources
https://zhuanlan.zhihu.com/p/639514473
Scores
CVSS v3
8.3
EPSS
0.0107
EPSS Percentile
60.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
VulnCheck KEV
2025-10-22
CWE
CWE-24
Status
published
Products (1)
Hikvision/CSMP iSecure Center
< 2023-06-25
Published
Oct 22, 2025
Tracked Since
Feb 18, 2026