Vulnerability detail

Enriched intelligence for a single CVE

PRO Back to KEVs

9.8

CVSS
Critical

CVE-2017-7921

PUBLISHED

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series...

1 day faster than CISA KEV

Exploited in the wild PoC available Remote Low complexity No user interaction

Vendor: Hikvision
Product: DS-2CD2xx2F-I Series, DS-2CD2xx0F-I Series, DS-2CD2xx2FWD Series, DS-2CD4x2xFWD Series, DS-2CD4xx5 Series, DS-2DFx Series, DS-2CD63xx Series
Published: May 06, 2017
EPSS: 94.2% · 100% pctl

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.

cisa nuclei_scanner

Weaknesses (CWE)

CWE-287

Improper Authentication

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 7.5 High

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2026-06-01 13:30:35 UTC · CISA

Proof of concept available

Recorded 2020-04-27 11:49:40 UTC · GitHub

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CVE First	2026-06-01 11:37 UTC
CISA	2026-06-02 14:02 UTC

Scanner integrations

Scanner	Reference	Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-7921.yaml	Apr 25, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

kooroshsanaei/HikVision-CVE-2017-7921

github · Created 2024-07-02 11:47:35 UTC · 5 stars

Test For CVE-2017–7921;

b3pwn3d/CVE-2017-7921

github · Created 2023-11-20 18:44:13 UTC · 0 stars

fracergu/CVE-2017-7921

github · Created 2023-08-27 17:29:48 UTC · 1 stars

CVE-2017-7921 exploit. Allows admin password retrieval and automatic snapshot download.

K3ysTr0K3R/CVE-2017-7921-EXPLOIT

github · Created 2023-07-24 14:48:38 UTC · 21 stars

A PoC exploit for CVE-2017-7921 - Hikvision Camera Series Improper Authentication Vulnerability.

inj3ction/CVE-2017-7921-EXP

github · Created 2022-10-19 13:48:49 UTC · 0 stars

201646613/CVE-2017-7921

github · Created 2022-07-20 07:07:07 UTC · 6 stars

CVE-2017-7921-EXP Hikvision camera

p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

github · Created 2022-06-15 03:49:05 UTC · 0 stars

chrisjd20/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

github · Created 2021-01-29 16:08:35 UTC · 102 stars

This python file will decrypt the configurationFile used by hikvision cameras vulnerable to CVE-2017-7921.

BurnyMcDull/CVE-2017-7921

github · Created 2020-11-12 09:02:10 UTC · 36 stars

海康威视未授权访问检测poc及口令爆破

JrDw0/CVE-2017-7921-EXP

github · Created 2020-04-27 11:49:40 UTC · 90 stars

Hikvision camera CVE-2017-7921-EXP

Timeline

CVE ID Reserved

2017-04-18 00:00 UTC
CVE Published to Public

2017-05-06 00:00 UTC
Proof of Concept Exploit Available

2020-04-27 11:49 UTC
Detected by Nuclei

2025-04-25 00:00 UTC
Added to KEVIntel

2026-06-01 11:37 UTC
KEV confirmed by CISA

2026-06-02 14:02 UTC