Home

Description

Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

PUBLISHED Reserved 2026-01-08 | Published 2026-01-30 | Updated 2026-01-30 | Assigner hikvision




HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Product status

V1.1.6303 build250812 and earlier
affected

V1.1.6303 build250812 and earlier
affected

V1.1.6303 build250812 and earlier
affected

V1.1.6303 build250812 and earlier
affected

V1.1.6303 build250812 and earlier
affected

V1.1.6303 build250812 and earlier
affected

Credits

exzettabyte finder

References

www.hikvision.com/...kvision-wireless-access-point-products/

cve.org (CVE-2026-0709)

nvd.nist.gov (CVE-2026-0709)

Download JSON