CVE-2013-4976

CRITICAL

Hikvision DS-2CD7153-E - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4976.

AI-analyzed exploit summary The provided code includes functional exploit scripts for multiple vulnerabilities in Hikvision IP cameras, including privilege escalation via configuration data decryption, authentication bypass using hardcoded credentials, and a buffer overflow in the RTSP packet handler leading to potential remote code execution.

Description

Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials

Exploits (1)

exploitdb WORKING POC
webappshardware
https://www.exploit-db.com/exploits/27402

The provided code includes functional exploit scripts for multiple vulnerabilities in Hikvision IP cameras, including privilege escalation via configuration data decryption, authentication bypass using hardcoded credentials, and a buffer overflow in the RTSP packet handler leading to potential remote code execution.

Classification
Working Poc 100%
Attack Type
Rce | Auth Bypass | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Hikvision IP cameras (e.g., DS-2CD7153-E) with firmware v4.1.0 b130111
Auth required
Prerequisites: Network access to the target camera · Valid user credentials for privilege escalation exploit
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/61646
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/86293

Scores

CVSS v3 9.8
EPSS 0.0935
EPSS Percentile 93.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (1)
hikvision/ds-2cd7153-e_firmware
Published Dec 27, 2019
Tracked Since Feb 18, 2026