Browse all 11 CVE security advisories affecting Tiandy. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tiandy specializes in video surveillance and security systems, with deployments in critical infrastructure and commercial facilities. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and default credentials. Notable security characteristics include exposed administrative interfaces and hardcoded credentials in multiple firmware versions. While no major public incidents have been widely documented, the accumulation of 11 CVEs suggests systemic security weaknesses that could enable unauthorized access or system compromise. Organizations deploying Tiandy equipment should implement network segmentation and immediate firmware updates to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4232 | Tiandy Integrated Management Platform getAuthorityByUserId sql injection — Integrated Management PlatformCWE-89 | 7.3 | High | 2026-03-16 |
This page lists every published CVE security advisory associated with Tiandy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.