CVE-2025-45851
BaseFortify
Publication date: 2025-06-27
Last updated on: 2025-06-30
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the Hikvision DS-2CD1321-I IP camera running firmware V5.7.21 build 230819. An attacker can send an unauthenticated specially crafted POST request to the /ISAPI/Security/challenge endpoint, specifically by setting the PrivateKey parameter to a very large payload (~100,000 characters). By carefully timing these requests, the attacker can exhaust the device's resources, causing the davinci process to crash and forcing the camera to reboot, resulting in a temporary Denial of Service (DoS). [1]
How can this vulnerability impact me? :
This vulnerability can impact you by causing a Denial of Service on the affected Hikvision IP camera, making the device temporarily unavailable. This disruption can affect critical surveillance systems by forcing the camera to reboot repeatedly, potentially leaving areas unmonitored and compromising security. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthenticated POST requests to the /ISAPI/Security/challenge endpoint with unusually large payloads, especially the PrivateKey parameter set to around 100,000 characters. Network traffic analysis tools like tcpdump or Wireshark can be used to capture such requests. Additionally, hardware-level investigation using UART interface monitoring at 115200 baud rate can confirm the device's resource exhaustion and process crashes. Example command to capture HTTP POST requests to the endpoint: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/ISAPI/Security/challenge'. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the Hikvision DS-2CD1321-I camera firmware to the vendor-provided patched version that limits the number of device connections to prevent resource exhaustion. Until the patch is applied, restrict network access to the vulnerable endpoint by implementing firewall rules or network segmentation to block unauthenticated POST requests to /ISAPI/Security/challenge. Monitoring and alerting on suspicious traffic targeting this endpoint can also help mitigate attacks. [1]