CVE-2017-7921 – Hikvision IP Cameras, DVRs, and NVR Devices Authentication Bypass Vulnerability

CVSS 9.8 CRITICAL

“A hidden backdoor allowed attackers to bypass login protections and take control of surveillance systems.”

This patch addresses a critical authentication bypass vulnerability (CVE-2017-7921) affecting Hikvision IP cameras, DVRs, and NVR devices. The issue exists in the device authentication mechanism, where a flaw allows attackers to bypass login controls and access sensitive device functions without valid credentials.

An attacker can exploit this weakness by sending specially crafted requests to the device interface, allowing unauthorized access to configuration data and administrative features. Once exploited, attackers can retrieve sensitive information such as administrator credentials and system configuration files, enabling full control over affected surveillance systems. CVE-2017-7921 carries a CVSS v3.1 score of 9.8 (Critical).

Hikvision released firmware updates to correct the authentication logic and remove the backdoor-style access path. Devices running older firmware versions remain vulnerable and may allow attackers to monitor, modify, or disable surveillance operations if the update is not applied. Public proof-of-concept exploit code exists and the vulnerability has been widely abused in real-world attacks targeting exposed devices.

Key Details

Affected Product: Hikvision DS-2CD2032-I Firmware
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-287