Skip to main content
CVE-2017-7921 CRITICAL POC KEV PATCH THREAT Act Now

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Authentication Bypass Hikvision
NVD
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2017-7925 CRITICAL POC PATCH THREAT Act Now

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 80.4%.

Information Disclosure Dahua Dh Ipc Hdbw23A0Rn Zs Firmware Dh Ipc Hdbw13A0Sn Firmware Dh Ipc Hdw1Xxx Firmware +12
NVD
CVSS 3.0
9.8
EPSS
80.4%
Threat
5.9
CVE-2017-7909 CRITICAL Act Now

A Use of Client-Side Authentication issue was discovered in Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mesr901 Firmware
NVD
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy