CVE-2017-7921

🗓️ 06 May 2017 00:00:00Reported by icscertType

cve🔗 web.nvd.nist.gov📰️ 7 Media mentions👁 682 Views🌐 WEB

An Improper Authentication issue in Hikvision DS-2CD2xx2F-I Series V5.2.0 to V5.4.0, DS-2CD2xx0F-I Series V5.2.0 to V5.4.0, DS-2CD2xx2FWD Series V5.3.1 to V5.4.4, DS-2CD4x2xFWD Series V5.2.0 to V5.4.0, DS-2CD4xx5 Series V5.2.0 to V5.4.0, DS-2DFx Series V5.2.0 to V5.4.5, and DS-2CD63xx Series V5.0.9 to V5.3.5 devices

Reporter	Title	Published	Views	Family All 35
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	21 Jan 202616:04	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	12 Nov 202009:02	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	24 Jul 202314:48	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	2 Feb 202403:27	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	13 Nov 202004:15	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	2 Jul 202411:47	–	githubexploit
GithubExploit	Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware	27 Apr 202011:49	–	githubexploit
ATTACKERKB	CVE-2017-7921	6 May 201700:00	–	attackerkb
BDU FSTEC	The vulnerability of Hikvision’s IP cameras’ microprogramming software, related to authentication procedures that lack sufficient safeguards, allows intruders to exploit their privileges.	15 Mar 202100:00	–	bdu_fstec
Circl	CVE-2017-7921	21 Sep 202106:42	–	circl

NVD

Vulners

Node

hikvision ds-2cd2032-i_firmwareMatch-

hikvision ds-2cd2112-i_firmwareMatch-

hikvision ds-2cd2132-i_firmwareMatch-

hikvision ds-2cd2212-i5_firmwareMatch-

hikvision ds-2cd2232-i5_firmwareMatch-

hikvision ds-2cd2312-i_firmwareMatch-

hikvision ds-2cd2332-i_firmwareMatch-

hikvision ds-2cd2412f-i(w)_firmwareMatch-

hikvision ds-2cd2432f-i(w)_firmwareMatch-

hikvision ds-2cd2512f-i(s)_firmwareMatch-

hikvision ds-2cd2532f-i(s)_firmwareMatch-

hikvision ds-2cd2612f-i(s)_firmwareMatch-

hikvision ds-2cd2632f-i(s)_firmwareMatch-

hikvision ds-2cd2712f-i(s)_firmwareMatch-

hikvision ds-2cd2732f-i(s)_firmwareMatch-

hikvision ds-2cd2t32-i3_firmwareMatch-

hikvision ds-2cd2t32-i5_firmwareMatch-

hikvision ds-2cd2t32-i8_firmwareMatch-

hikvision ds-2cd4012f-(a)_firmwareMatch-

hikvision ds-2cd4012f-(p)_firmwareMatch-

hikvision ds-2cd4012f-(w)_firmwareMatch-

hikvision ds-2cd4012fwd-(a)_firmwareMatch-

hikvision ds-2cd4012fwd-(p)_firmwareMatch-

hikvision ds-2cd4012fwd-(w)_firmwareMatch-

hikvision ds-2cd4024f-(a)_firmwareMatch-

hikvision ds-2cd4024f-(p)_firmwareMatch-

hikvision ds-2cd4024f-(w)_firmwareMatch-

hikvision ds-2cd4032fwd-(a)_firmwareMatch-

hikvision ds-2cd4032fwd-(p)_firmwareMatch-

hikvision ds-2cd4032fwd-(w)_firmwareMatch-

hikvision ds-2cd4112f-i(z)_firmwareMatch-

hikvision ds-2cd4112fwd-i(z)_firmwareMatch-

hikvision ds-2cd4124f-i(z)_firmwareMatch-

hikvision ds-2cd4132fwd-i(z)_firmwareMatch-

hikvision ds-2cd4212f-i(h)_firmwareMatch-

hikvision ds-2cd4212f-i(s)_firmwareMatch-

hikvision ds-2cd4212f-i(z)_firmwareMatch-

hikvision ds-2cd4212fwd-i(h)_firmwareMatch-

hikvision ds-2cd4212fwd-i(s)_firmwareMatch-

hikvision ds-2cd4212fwd-i(z)_firmwareMatch-

hikvision ds-2cd4224f-i(h)_firmwareMatch-

hikvision ds-2cd4224f-i(s)_firmwareMatch-

hikvision ds-2cd4224f-i(z)_firmwareMatch-

hikvision ds-2cd4232fwd-i(h)_firmwareMatch-

hikvision ds-2cd4232fwd-i(s)_firmwareMatch-

hikvision ds-2cd4232fwd-i(z)_firmwareMatch-

hikvision ds-2cd4312f-i(h)_firmwareMatch-

hikvision ds-2cd4312f-i(s)_firmwareMatch-

hikvision ds-2cd4312f-i(z)_firmwareMatch-

hikvision ds-2cd4324f-i(h)_firmwareMatch-

hikvision ds-2cd4324f-i(s)_firmwareMatch-

hikvision ds-2cd4324f-i(z)_firmwareMatch-

hikvision ds-2cd4332fwd-i(h)_firmwareMatch-

hikvision ds-2cd4332fwd-i(s)_firmwareMatch-

hikvision ds-2cd4332fwd-i(z)_firmwareMatch-

hikvision ds-2cd6412fwd_firmwareMatch-

AND

hikvision ds-2cd2032-iMatch-

hikvision ds-2cd2112-iMatch-

hikvision ds-2cd2132-iMatch-

hikvision ds-2cd2212-i5Match-

hikvision ds-2cd2232-i5Match-

hikvision ds-2cd2312-iMatch-

hikvision ds-2cd2332-iMatch-

hikvision ds-2cd2412f-i(w)Match-

hikvision ds-2cd2432f-i(w)Match-

hikvision ds-2cd2512f-i(s)Match-

hikvision ds-2cd2532f-i(s)Match-

hikvision ds-2cd2612f-i(s)Match-

hikvision ds-2cd2632f-i(s)Match-

hikvision ds-2cd2712f-i(s)Match-

hikvision ds-2cd2732f-i(s)Match-

hikvision ds-2cd2t32-i3Match-

hikvision ds-2cd2t32-i5Match-

hikvision ds-2cd2t32-i8Match-

hikvision ds-2cd4012f-(a)Match-

hikvision ds-2cd4012f-(p)Match-

hikvision ds-2cd4012f-(w)Match-

hikvision ds-2cd4012fwd-(a)Match-

hikvision ds-2cd4012fwd-(p)Match-

hikvision ds-2cd4012fwd-(w)Match-

hikvision ds-2cd4024f-(a)Match-

hikvision ds-2cd4024f-(p)Match-

hikvision ds-2cd4024f-(w)Match-

hikvision ds-2cd4032fwd-(a)Match-

hikvision ds-2cd4032fwd-(p)Match-

hikvision ds-2cd4032fwd-(w)Match-

hikvision ds-2cd4112f-i(z)Match-

hikvision ds-2cd4112fwd-i(z)Match-

hikvision ds-2cd4124f-i(z)Match-

hikvision ds-2cd4132fwd-i(z)Match-

hikvision ds-2cd4212f-i(h)Match-

hikvision ds-2cd4212f-i(s)Match-

hikvision ds-2cd4212f-i(z)Match-

hikvision ds-2cd4212fwd-i(h)Match-

hikvision ds-2cd4212fwd-i(s)Match-

hikvision ds-2cd4212fwd-i(z)Match-

hikvision ds-2cd4224f-i(h)Match-

hikvision ds-2cd4224f-i(s)Match-

hikvision ds-2cd4224f-i(z)Match-

hikvision ds-2cd4232fwd-i(h)Match-

hikvision ds-2cd4232fwd-i(s)Match-

hikvision ds-2cd4232fwd-i(z)Match-

hikvision ds-2cd4312f-i(h)Match-

hikvision ds-2cd4312f-i(s)Match-

hikvision ds-2cd4312f-i(z)Match-

hikvision ds-2cd4324f-i(h)Match-

hikvision ds-2cd4324f-i(s)Match-

hikvision ds-2cd4324f-i(z)Match-

hikvision ds-2cd4332fwd-i(h)Match-

hikvision ds-2cd4332fwd-i(s)Match-

hikvision ds-2cd4332fwd-i(z)Match-

hikvision ds-2cd6412fwdMatch-

Node

hikvision ds-2dfx_series_firmwareMatch-

AND

hikvision ds-2dfx_seriesMatch-

Node

hikvision ds-2cd63xx_series_firmwareMatch-

AND

hikvision ds-2cd63xx_seriesMatch-

[
  {
    "product": "Hikvision Cameras",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Hikvision Cameras"
      }
    ]
  }
]

Source	Link
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-17-124-01
hikvision	www.hikvision.com/us/about_10805.html
securityfocus	www.securityfocus.com/bid/98313
ghostbin	www.ghostbin.com/paste/q2vq2
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog
hikvision	www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/
hikvision	www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/20170314/
hikvision	www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--privilege-escalating-vulnerability-in-cer/

Parameter	Position	Path	Description	CWE
auth	query param	Security/users	Unauthenticated password change via improper authentication logic on Hikvision devices.	CWE-287
id	request body	Security/users	XML payload used to update a user password after bypassing authentication.	CWE-287
userName	request body	Security/users	XML payload used to update a user password after bypassing authentication.	CWE-287
password	request body	Security/users	XML payload used to update a user password after bypassing authentication.	CWE-287

17 Jun 2026 01:25Current

9.6High risk

Vulners AI Score9.6

CVSS 27.5

CVSS 3.19.8

EPSS0.99998

SSVC