Hikvision Wireless AP Flaw Could Let Attackers Run Arbitrary Commands


Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices.

The company released an advisory on January 30, 2026, detailing the security flaw and urging customers to apply patches immediately.

Vulnerability Details

The vulnerability, tracked as CVE-2026-0709, stems from insufficient input validation in Hikvision’s wireless access point firmware.

Attackers with valid credentials can exploit this flaw by sending specially crafted packets containing malicious commands to affected devices, thereby bypassing security controls and executing commands.

| Model | Vulnerable Version | Patched Version | CVE ID |
|---|---|---|---|
| DS-3WAP521-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |
| DS-3WAP522-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |
| DS-3WAP621E-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |
| DS-3WAP622E-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |
| DS-3WAP623E-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |
| DS-3WAP622G-SI | V1.1.6303 build250812 and earlier | V1.1.6601 build251223 | CVE-2026-0709 |

The attack requires network access and valid authentication credentials but does not require user interaction.

Hikvision assigned the vulnerability a CVSS v3.1 base score of 7.2, which is classified as high severity.

The CVSS vector (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) indicates the flaw is remotely exploitable, has low attack complexity, and requires high-level privileges.

The vulnerability impacts the confidentiality, integrity, and availability of affected systems.

This vulnerability impacts six wireless access point models from Hikvision’s DS-3WAP series. All devices running firmware version V1.1.6303 build 250812 or earlier are vulnerable to exploitation.

The affected models include DS-3WAP521-SI, DS-3WAP522-SI, DS-3WAP621E-SI, DS-3WAP622E-SI, DS-3WAP623E-SI, and DS-3WAP622G-SI.

Hikvision released a patched firmware version, V1.1.6601 build 251223, addressing the vulnerability.

Organizations operating affected access points should prioritize updating to this version immediately. Patches are available for download and deployment through Hikvision’s official support portal.
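
To help prioritize the update, the following added example (not code from Hikvision or from the original article) triages an access point inventory against the models and version boundaries in the advisory table. The inventory rows, hostnames, status labels and the assumed firmware string layout are constructed for illustration; builds that fall between the last vulnerable and first patched versions are reported as unknown because the advisory does not cover them.

```python
import re

# Models and version boundaries copied from the advisory table on this page.
AFFECTED_MODELS = {
    "DS-3WAP521-SI", "DS-3WAP522-SI", "DS-3WAP621E-SI",
    "DS-3WAP622E-SI", "DS-3WAP623E-SI", "DS-3WAP622G-SI",
}
LAST_VULNERABLE = "V1.1.6303 build250812"
FIRST_PATCHED = "V1.1.6601 build251223"
# Assumption: firmware strings look like "V<a>.<b>.<c> build<YYMMDD>".
_VERSION_RE = re.compile(r"^\s*V?(\d+)\.(\d+)\.(\d+)\s+build\s*(\d+)\s*$", re.I)

def parse_version(text):
    """Return (major, minor, patch, build), or None if the string is not recognised."""
    m = _VERSION_RE.match(text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(model, firmware):
    """Classify one device as not_affected, vulnerable, patched or unknown."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not_affected"
    version = parse_version(firmware)
    if version is None:
        return "unknown"  # unparseable version string: check the device by hand
    if version <= parse_version(LAST_VULNERABLE):
        return "vulnerable"
    if version >= parse_version(FIRST_PATCHED):
        return "patched"
    # The advisory says nothing about builds between the two boundaries.
    return "unknown"

# Constructed inventory rows (hostname, model, firmware string) for illustration.
SAMPLE_INVENTORY = [
    ("ap-lobby", "DS-3WAP521-SI", "V1.1.6303 build250812"),
    ("ap-floor2", "DS-3WAP622E-SI", "V1.1.6601 build 251223"),
    ("ap-lab", "DS-3WAP623E-SI", "V1.1.6450 build251001"),
    ("ap-old", "ds-3wap622g-si", "V1.0.5120 build240101"),
    ("ap-other", "DS-EXAMPLE-000", "V1.1.6303 build250812"),
    ("ap-blank", "DS-3WAP522-SI", "unknown"),
]

def triage_inventory(rows):
    """Map each hostname to its triage status."""
    return {host: triage(model, fw) for host, model, fw in rows}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```
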

The vulnerability was discovered and reported by independent security researcher exzettabyte to Hikvision’s Security Response Center (HSRC).
