Denial of Service Vulnerability in Hikvision IP Cameras
CVE-2025-45851

7.5HIGH

Key Information:

Vendor: Hikvision
Status: DS-2CD1321-I
Vendor: CVE Published:; 27 June 2025

What is CVE-2025-45851?

A vulnerability in the Hikvision DS-2CD1321-I model allows attackers to exploit a flaw through a crafted POST request to the /ISAPI/Security/challenge endpoint. This can lead to a Denial of Service, disrupting the availability of the device and potentially compromising security. Users are advised to review their configuration and apply necessary updates to safeguard against this issue.

References

https://crashpark.weebly.com/blog/hikvision-ip-camera-una...

https://assets.hikvision.com/prd/public/all/files/202506/...

https://www.hikvision.com/en/support/download/firmware/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 27, 2025
Vulnerability Reserved
Apr 22, 2025