CVE-2017-7921

CRITICAL KEV NUCLEI

Hikvision Ds-2cd2032-i Firmware - Authentication Bypass

Title source: rule

Description

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.

Exploits (28)

nomisec WORKING POC 114 stars

by chrisjd20 · local

https://github.com/chrisjd20/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

View Code ZIP pw:eip

nomisec WORKING POC 100 stars

by JrDw0 · remote

https://github.com/JrDw0/CVE-2017-7921-EXP

View Code ZIP pw:eip

nomisec WORKING POC 36 stars

by BurnyMcDull · remote

https://github.com/BurnyMcDull/CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC 35 stars

by K3ysTr0K3R · remote

https://github.com/K3ysTr0K3R/CVE-2017-7921-EXPLOIT

View Code ZIP pw:eip

nomisec SCANNER 16 stars

by voidsshadows · poc

https://github.com/voidsshadows/Hikvision-City-Hunter

View Code ZIP pw:eip

nomisec WORKING POC 11 stars

by MisakaMikato · infoleak

https://github.com/MisakaMikato/cve-2017-7921-golang

View Code ZIP pw:eip

nomisec WORKING POC 6 stars

by 201646613 · infoleak

https://github.com/201646613/CVE-2017-7921

View Code ZIP pw:eip

nomisec SCANNER 5 stars

by kooroshsanaei · infoleak

https://github.com/kooroshsanaei/HikVision-CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC 4 stars

by yousouf-Tasfin · infoleak

https://github.com/yousouf-Tasfin/cve-2017-7921-Mass-Exploit

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by Wyl-cmd · infoleak

https://github.com/Wyl-cmd/CVE-2017-7921-Research-Toolkit

View Code ZIP pw:eip

nomisec SCANNER 2 stars

by aengussong · infoleak

https://github.com/aengussong/hikvision_probe

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by KelvinWin10 · remote

https://github.com/KelvinWin10/CVE-2017-7921-rewrite

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by 0xf3d0rq · poc

https://github.com/0xf3d0rq/CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by krypton612 · infoleak

https://github.com/krypton612/hikivision

View Code ZIP pw:eip

nomisec WORKING POC

by mverschu · remote

https://github.com/mverschu/CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC

by saaydmr · poc

https://github.com/saaydmr/hikvision-exploiter

View Code ZIP pw:eip

nomisec WORKING POC

by lastvocher · poc

https://github.com/lastvocher/Hikvision-CVE-2017-7921-decryptor

View Code ZIP pw:eip

nomisec WORKING POC

by b3pwn3d · infoleak

https://github.com/b3pwn3d/CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC

by AnonkiGroup · infoleak

https://github.com/AnonkiGroup/AnonHik

View Code ZIP pw:eip

nomisec WORKING POC

by GabrielAvls · infoleak

https://github.com/GabrielAvls/CVE-2017-7921

View Code ZIP pw:eip

nomisec WORKING POC

by inj3ction · remote

https://github.com/inj3ction/CVE-2017-7921-EXP

View Code ZIP pw:eip

nomisec WORKING POC

by p4tq · remote

https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

View Code ZIP pw:eip

vulncheck_xdb WRITEUP

remote

https://github.com/diegovargasj/CVE-2025-65753

View Code ZIP pw:eip

vulncheck_xdb WORKING POC

infoleak

https://github.com/f3d0rq/CVE-2017-7921

View Code ZIP pw:eip

vulncheck_xdb

infoleak

https://github.com/initon/Hikvision---CVE-2017-7921

View on vulncheck_xdb

vulncheck_xdb

infoleak

https://github.com/fracergu/CVE-2017-7921

View on vulncheck_xdb

metasploit WORKING POC

by Monte Crypto · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/hikvision_unauth_pwd_reset_cve_2017_7921.rb

View Code ZIP pw:eip

metasploit WORKING POC

by Monte Crypto · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/hikvision_info_disclosure_cve_2017_7921.rb

View Code ZIP pw:eip

Nuclei Templates (1)

Hikvision - Authentication Bypass

CRITICALby princechaddha

References (8)

[Various Sources] https://www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-7921

[Patch, Vendor Advisory] http://www.hikvision.com/us/about_10805.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98313

[Various Sources] https://ghostbin.com/paste/q2vq2

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01

[Various Sources] https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/20170314/

[Various Sources] https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--privilege-escalating-vulnerability-in-cer/

Scores

CVSS v3 9.8

EPSS 0.9423

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-03-05

VulnCheck KEV 2023-11-18

ENISA EUVD EUVD-2017-16892

CWE

CWE-287

Status published

Products (50)

hikvision/ds-2cd2032-i_firmware

hikvision/ds-2cd2112-i_firmware

hikvision/ds-2cd2132-i_firmware

hikvision/ds-2cd2212-i5_firmware

hikvision/ds-2cd2232-i5_firmware

hikvision/ds-2cd2312-i_firmware

hikvision/ds-2cd2332-i_firmware

hikvision/ds-2cd2412f-i\(w\)_firmware

hikvision/ds-2cd2432f-i\(w\)_firmware

hikvision/ds-2cd2512f-i\(s\)_firmware

... and 40 more

Published May 06, 2017

KEV Added Mar 05, 2026

Tracked Since Feb 18, 2026