Search criteria
16 vulnerabilities found for dvr2108h by dahuasecurity
VAR-201309-0168
Vulnerability from variot - Updated: 2023-12-18 12:09Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port. Digital video recorders (DVR) produced by Dahua Technology Co., Ltd. contain multiple vulnerabilities that could allow a remote attacker to gain privileged access to the devices. Dahua Security DVR Appliances accept UPnP requests from external untrusted devices, which can cause the telnet port of the DVR application device to be automatically redirected and accessed by external entities. These default conditions allow external attackers to detect the device and use the built-in account to authenticate. Access the device. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0168",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dvr2104c",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2116hc",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2116he",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5204a",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2108hc",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2104hc",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2108he",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2116c",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5216l",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2108c",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hf-al-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr3204hf-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hf-s-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hf-l-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5404",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hf-a-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr3224l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5116h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5116he",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5808",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hd-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hf-s-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hd-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2104he",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2108h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2404lf-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr6404lf-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hd-a",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hf-s-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hd-l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5208a",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr3204lf-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5108h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hf-al-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hf-u-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5108c",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr3204lf-al",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2404hf-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2404lf-al",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hd-s",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5104he",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5208l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hd-l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2104h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5108he",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5216a",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5816",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hd-u",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5104c",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hf-l-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5204l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5408",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hf-a-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hf-u-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr3232l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5804",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hf-a-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0804hd-l",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5104h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hf-u-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr2116h",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5416",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr5116c",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr1604hf-al-e",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dvr0404hd-a",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hd-l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hd-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hd-u",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hf-a-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hf-al-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hf-s-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0404hf-u-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hd-l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hd-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hf-a-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hf-al-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hf-l-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hf-s-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr0804hf-u-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hd-l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hd-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hf-a-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hf-al-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hf-l-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hf-s-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr1604hf-u-e",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2104c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2104h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2104hc",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2104he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2108c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2108h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2108hc",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2108he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2116c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2116h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2116hc",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2116he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2404hf-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2404lf-al",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr2404lf-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr3204hf-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr3204lf-al",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr3204lf-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr3224l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr3232l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5104c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5104h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5104he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5108c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5108h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5108he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5116c",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5116h",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5116he",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5204a",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5204l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5208a",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5208l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5216a",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5216l",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5404",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5408",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5416",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5804",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5808",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr5816",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dvr6404lf-s",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "security dvr appliances",
"scope": null,
"trust": 0.6,
"vendor": "dahua",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3613"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrey Bezborodov, Kirill Ermakov, Alexander Raspopov, and Dmitry Sklyarov of Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "62402"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3613",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-13179",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3613",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-13179",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-263",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port. Digital video recorders (DVR) produced by Dahua Technology Co., Ltd. contain multiple vulnerabilities that could allow a remote attacker to gain privileged access to the devices. Dahua Security DVR Appliances accept UPnP requests from external untrusted devices, which can cause the telnet port of the DVR application device to be automatically redirected and accessed by external entities. These default conditions allow external attackers to detect the device and use the built-in account to authenticate. Access the device. \nAn attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CERT/CC",
"id": "VU#800094"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "BID",
"id": "62402"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800094",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2013-3613",
"trust": 3.3
},
{
"db": "BID",
"id": "62402",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU99181254",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-13179",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800094"
},
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "BID",
"id": "62402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"id": "VAR-201309-0168",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13179"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-13179"
}
]
},
"last_update_date": "2023-12-18T12:09:08.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dahuasecurity.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.dahuasecurity.com/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3613"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu99181254"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3613"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62402"
},
{
"trust": 0.3,
"url": "http://www.dahuasecurity.com/products_category/dvr-2.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800094"
},
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "BID",
"id": "62402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800094"
},
{
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"db": "BID",
"id": "62402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-13T00:00:00",
"db": "CERT/CC",
"id": "VU#800094"
},
{
"date": "2013-09-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"date": "2013-09-13T00:00:00",
"db": "BID",
"id": "62402"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"date": "2013-09-17T12:04:24.757000",
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"date": "2013-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-04T00:00:00",
"db": "CERT/CC",
"id": "VU#800094"
},
{
"date": "2013-09-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-13179"
},
{
"date": "2013-09-13T00:00:00",
"db": "BID",
"id": "62402"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004184"
},
{
"date": "2013-09-17T18:35:37.030000",
"db": "NVD",
"id": "CVE-2013-3613"
},
{
"date": "2017-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dahua Security DVRs contain multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800094"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-263"
}
],
"trust": 0.6
}
}
FKIE_CVE-2013-5754
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de autorizaci\u00f3n en Dahua DVR acepta un hash representando la fecha actual para el rol de contrase\u00f1a maestra, lo que hace m\u00e1s f\u00e1cil para un atacante remoto obtener acceso administrativo y cambiar la contrase\u00f1a de administrador a trav\u00e9s de peticiones (1) ActiveX, (2) cliente standalone o (3) vectores no especificados, una vulnerabilidad diferente a CVE-2013-3612"
}
],
"id": "CVE-2013-5754",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:28.820",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3614
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack."
},
{
"lang": "es",
"value": "Los aparatos Dahua DVR tienen un valor peque\u00f1o para la m\u00e1xima longitud de la contrase\u00f1a, lo que facilita a atacantes remotos el acceso a trav\u00e9s de ataques de fuerza bruta."
}
],
"id": "CVE-2013-3614",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:24.757",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3612
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified \"backdoor\" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors."
},
{
"lang": "es",
"value": "Los dispositivos Dahua DVR tiene una contrase\u00f1a fija para (1) la cuenta de administrador y (2) una cuenta de puerta trasera no especificada, lo que facilita a atacantes remotos a obtener acceso administrativo a trav\u00e9s de peticiones de autorizaci\u00f3n a trav\u00e9s de (a) ActiveX, (b) un cliente aut\u00f3nomo, o (c) otros vectores desconocidos."
}
],
"id": "CVE-2013-3612",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:24.743",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3613
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port."
},
{
"lang": "es",
"value": "Los dispositivos Dahua DVR no restringen adecuadamente las peticiones UPnP, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos conseguir acceso a trav\u00e9s de vectores que involucran un ataque por repetici\u00f3n contra el puerto Telnet ."
}
],
"id": "CVE-2013-3613",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:24.757",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3615
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack."
},
{
"lang": "es",
"value": "Los DVR Dashua usan un algoritmo de hash para contrase\u00f1as con una longitud de hash corta lo que facilita a atacantes en el contexto descubrir contrase\u00f1as de texto plano a trav\u00e9s de ataques de fuerza bruta"
}
],
"id": "CVE-2013-3615",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:24.773",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-5754 (GCVE-0-2013-5754)
Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-16 17:47
VLAI?
Summary
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5754",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-09-17T00:00:00Z",
"dateUpdated": "2024-09-16T17:47:41.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3614 (GCVE-0-2013-3614)
Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-17 03:02
VLAI?
Summary
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3614",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-17T03:02:59.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3612 (GCVE-0-2013-3612)
Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-16 22:44
VLAI?
Summary
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified \"backdoor\" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified \"backdoor\" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3612",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T22:44:59.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3613 (GCVE-0-2013-3613)
Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-16 18:33
VLAI?
Summary
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3613",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T18:33:47.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3615 (GCVE-0-2013-3615)
Vulnerability from cvelistv5 – Published: 2013-09-17 10:00 – Updated: 2024-09-16 23:26
VLAI?
Summary
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3615",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T23:26:38.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5754 (GCVE-0-2013-5754)
Vulnerability from nvd – Published: 2013-09-17 10:00 – Updated: 2024-09-16 17:47
VLAI?
Summary
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5754",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-09-17T00:00:00Z",
"dateUpdated": "2024-09-16T17:47:41.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3614 (GCVE-0-2013-3614)
Vulnerability from nvd – Published: 2013-09-17 10:00 – Updated: 2024-09-17 03:02
VLAI?
Summary
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3614",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-17T03:02:59.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3612 (GCVE-0-2013-3612)
Vulnerability from nvd – Published: 2013-09-17 10:00 – Updated: 2024-09-16 22:44
VLAI?
Summary
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified \"backdoor\" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified \"backdoor\" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3612",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T22:44:59.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3613 (GCVE-0-2013-3613)
Vulnerability from nvd – Published: 2013-09-17 10:00 – Updated: 2024-09-16 18:33
VLAI?
Summary
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3613",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T18:33:47.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3615 (GCVE-0-2013-3615)
Vulnerability from nvd – Published: 2013-09-17 10:00 – Updated: 2024-09-16 23:26
VLAI?
Summary
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#800094",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#800094",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/800094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3615",
"datePublished": "2013-09-17T10:00:00Z",
"dateReserved": "2013-05-21T00:00:00Z",
"dateUpdated": "2024-09-16T23:26:38.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}