Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tiandy — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting Tiandy. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tiandy specializes in video surveillance and security systems, with deployments in critical infrastructure and commercial facilities. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and default credentials. Notable security characteristics include exposed administrative interfaces and hardcoded credentials in multiple firmware versions. While no major public incidents have been widely documented, the accumulation of 11 CVEs suggests systemic security weaknesses that could enable unauthorized access or system compromise. Organizations deploying Tiandy equipment should implement network segmentation and immediate firmware updates to mitigate potential exploitation risks.

Top products by Tiandy: Easy7 Integrated Management Platform Video Surveillance System 视频监控平台 Easy7 CMS Windows Integrated Management Platform
CVE IDTitleCVSSSeverityPublished
CVE-2026-7698 Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection — Easy7 Integrated Management PlatformCWE-78 7.3 High2026-05-03
CVE-2026-4585 Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection — Easy7 Integrated Management PlatformCWE-78 9.8 Critical2026-03-23
CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection — Easy7 Integrated Management PlatformCWE-89 7.3 High2026-03-17
CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection — Easy7 Integrated Management PlatformCWE-89 7.3 High2026-03-17
CVE-2026-4287 Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection — Easy7 Integrated Management PlatformCWE-89 7.3 High2026-03-16
CVE-2026-4232 Tiandy Integrated Management Platform getAuthorityByUserId sql injection — Integrated Management PlatformCWE-89 7.3 High2026-03-16
CVE-2026-4221 Tiandy Easy7 Integrated Management Platform Endpoint uploadLedImage unrestricted upload — Easy7 Integrated Management PlatformCWE-434 7.3 High2026-03-16
CVE-2026-4187 Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication — Easy7 Integrated Management PlatformCWE-306 5.3 Medium2026-03-15
CVE-2026-3818 Tiandy Easy7 CMS Windows GetDBData.jsp sql injection — Easy7 CMS WindowsCWE-89 7.3 High2026-03-09
CVE-2026-3797 Tiandy Video Surveillance System 视频监控平台 CLS_REST_File.java uploadFile unrestricted upload — Video Surveillance System 视频监控平台CWE-434 6.3 Medium2026-03-09
CVE-2026-2985 Tiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgery — Video Surveillance System 视频监控平台CWE-918 6.3 Medium2026-02-23

This page lists every published CVE security advisory associated with Tiandy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.