CVE-2026-6824
Awaiting Analysis Awaiting Analysis - Queue
Stored XSS in 1xxx Series NVR Devices

Publication date: 2026-05-29

Last updated on: 2026-06-01

Assigner: ICS-CERT

Description
A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can inject malicious scripts, which are then persistently stored on the device backend. When administrators or users access affected pages, the stored scripts are executed in their browsers, leading to potential session hijacking, unauthorized actions, or data theft.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-06-01
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2026-6824
EUVD
EUVD-2026-33363
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The stored cross-site scripting (XSS) vulnerability in the affected NVR devices can lead to session hijacking, unauthorized actions, or data theft by executing malicious scripts in users' browsers.

Such security issues can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and breaches.

Failure to address this vulnerability may result in violations of these regulations due to potential data exposure or compromise of user sessions.

Executive Summary

This vulnerability is a stored cross-site scripting (XSS) issue found in certain 1xxx series NVR devices. It occurs because the device does not properly sanitize user-supplied input in specific functional modules. As a result, attackers can inject malicious scripts that are persistently stored on the device backend.

When administrators or users access the affected pages, these stored malicious scripts execute in their browsers, potentially allowing attackers to hijack sessions, perform unauthorized actions, or steal data.

Impact Analysis

The impact of this vulnerability includes the risk of session hijacking, where attackers can take over user sessions to gain unauthorized access.

It can also lead to unauthorized actions being performed on behalf of legitimate users or administrators.

Additionally, sensitive data may be stolen through the execution of malicious scripts in users' browsers.

Overall, this can compromise the security and integrity of the affected NVR devices and the data they manage.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6824. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart