Hikvision announced that its platform had a vulnerability in the way it handled cookies here:
Security Notice - Statement on Insecure Cookie Handling Vulnerability in hik-connect.com - Hangzhou Hikvision Digital Technology Co. Ltd.
The write up of the bug here :
explains how it could be...