CVE-2026-0709

HIGH

Hikvision Wireless AP - Command Injection


Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-0709. PoCs published by XiaomingX, SnipersMaster.

AI-analyzed exploit summary: The repository provides a Python script template for CVE-2026-0709, an authenticated RCE vulnerability in Hikvision Wireless APs, but lacks the actual endpoint, parameter, and authentication logic required for exploitation. It serves as a placeholder requiring manual customization.

Description

Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

Exploits (2)

github STUB 10 stars
by XiaomingX · python · poc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-0709

The repository provides a Python script template for CVE-2026-0709, an authenticated RCE vulnerability in Hikvision Wireless APs, but lacks the actual endpoint, parameter, and authentication logic required for exploitation. It serves as a placeholder requiring manual customization.

Classification: Stub 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Hikvision Wireless AP (version not specified)
Auth required
Prerequisites: valid credentials for the target device · knowledge of the vulnerable endpoint and parameter
devstral-2 · analyzed Mar 11, 2026

nomisec STUB
by SnipersMaster · poc
https://github.com/SnipersMaster/CVE-2026-0709

The repository provides a Python script template for CVE-2026-0709, an authenticated RCE vulnerability in Hikvision Wireless APs, but lacks the actual exploit details (e.g., endpoint paths, parameter names). It requires manual customization based on vendor advisories or other PoCs.

Classification: Stub 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Hikvision Wireless AP
Auth required
Prerequisites: valid credentials for the target device · knowledge of the vulnerable endpoint and parameter
devstral-2 · analyzed Mar 10, 2026

Scores

CVSS v3 7.2
EPSS 0.0082
EPSS Percentile 52.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE: CWE-78
Status: published
Products (6)
Hikvision/DS-3WAP521-SI V1.1.6303 build250812 and earlier
Hikvision/DS-3WAP522-SI V1.1.6303 build250812 and earlier
Hikvision/DS-3WAP621E-SI V1.1.6303 build250812 and earlier
Hikvision/DS-3WAP622E-SI V1.1.6303 build250812 and earlier
Hikvision/DS-3WAP622G-SI V1.1.6303 build250812 and earlier
Hikvision/DS-3WAP623E-SI V1.1.6303 build250812 and earlier
Published Jan 30, 2026
Tracked Since Feb 18, 2026