CVE-2026-0709_CVE-2026-0709

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.

Basic Information

ID CVE-2026-0709

Source hikvision

Published Jan 30, 2026 at 11:01

Affected Product

Vendor Hikvision

Product DS-3WAP521-SI

Version V1.1.6303 build250812 and earlier

Affected Versions Hikvision DS-3WAP521-SI V1.1.6303 build250812 and earlier
Hikvision DS-3WAP522-SI V1.1.6303 build250812 and earlier
Hikvision DS-3WAP621E-SI V1.1.6303 build250812 and earlier
Hikvision DS-3WAP622E-SI V1.1.6303 build250812 and earlier
Hikvision DS-3WAP623E-SI V1.1.6303 build250812 and earlier
Hikvision DS-3WAP622G-SI V1.1.6303 build250812 and earlier

References

www.hikvision.com /en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-wireless-access-point-products/

{
    "lastseen": "",
    "description": "Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.",
    "published": "2026-01-30T11:01:55.633Z",
    "modified": "2026-01-30T11:01:55.633Z",
    "type": "cve",
    "title": "CVE-2026-0709",
    "source": "hikvision",
    "references": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-wireless-access-point-products/",
    "id": "CVE-2026-0709",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Hikvision DS-3WAP521-SI V1.1.6303 build250812 and earlier\nHikvision DS-3WAP522-SI V1.1.6303 build250812 and earlier\nHikvision DS-3WAP621E-SI V1.1.6303 build250812 and earlier\nHikvision DS-3WAP622E-SI V1.1.6303 build250812 and earlier\nHikvision DS-3WAP623E-SI V1.1.6303 build250812 and earlier\nHikvision DS-3WAP622G-SI V1.1.6303 build250812 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DS-3WAP521-SI",
    "version": "V1.1.6303 build250812 and earlier",
    "vendor": "Hikvision",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply