Browse all 4 CVE security advisories affecting Shenzhen Hereta Technology Co., Ltd.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Shenzhen Hereta Technology Co., Ltd. develops network video surveillance systems and IP cameras for security monitoring. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. The company has four CVEs on record, with vulnerabilities allowing unauthorized access and device compromise. Security researchers have identified hardcoded credentials and insufficient authentication mechanisms in their firmware, posing significant risks to deployed systems. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential for widespread exploitation in unpatched environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-29510 | Hereta ETH-IMC408M Stored XSS via Device Name — Hereta ETH-IMC408MCWE-79 | 5.4 | Medium | 2026-03-16 |
| CVE-2026-29513 | Hereta ETH-IMC408M Stored XSS via Device Location — Hereta ETH-IMC408MCWE-79 | 5.4 | Medium | 2026-03-16 |
| CVE-2026-29520 | Hereta ETH-IMC408M Reflected XSS via ping_ipaddr Parameter — Hereta ETH-IMC408MCWE-79 | 6.1 | Medium | 2026-03-16 |
| CVE-2026-29521 | Hereta ETH-IMC408M CSRF via Configuration Setup — Hereta ETH-IMC408MCWE-352 | 4.3 | Medium | 2026-03-16 |
This page lists every published CVE security advisory associated with Shenzhen Hereta Technology Co., Ltd.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.