Hikvision has published a hotfixto upgrade Apache Struts 2 to its latest version, Struts 2.3.32 and 18.104.22.168,which Apache Struts had officially released to fix the potential vulnerability.To implement the hotfix:
1. Download the hotfix from Hikvision official website:
- iVMS-5200 Professional,including Mobile and ANPR sub systems: Click Here
- Blazer Pro v1.0: Click Here
2. Copy the hotfix 5200P-ST&FJ-201703.exe to the desktop of the computer orthe Blazer Pro where the Central Management Server service of the iVMS softwareis running.
3. Close the Service Manager by clicking the Exit button at the notificationarea.
4. Double click the hotfix to run it. The hotfix will check the running environment,stop the services of the iVMS software, replace the affected files and restartthe services. If you see the interface below, it means that the system has beenupgraded successfully and returned to normal status.
5. Restart the Service Manager.
If you have any doubt about the upgrade procedure,please do not hesitate to contact Hikvision local support team or at firstname.lastname@example.org.
Should you have a security problem or concern,please contact Hikvision Security Response Center at email@example.com.