Search criteria
2 vulnerabilities found for ipc-hdw1xxx by dahuasecurity
VAR-201906-0243
Vulnerability from variot - Updated: 2023-12-18 14:05Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability. Dahua IPC-HFW1XXX , IPC-HDW1XXX , IPC-HFW2XXX The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. DahuaIPC-HFW1XXX and so on are all IP cameras from Dahua, China
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipc-hfw2xxx",
"scope": "lt",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": "2018-11"
},
{
"model": "ipc-hdw1xxx",
"scope": "lt",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": "2018-11"
},
{
"model": "ipc-hfw1xxx",
"scope": "lt",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": "2018-11"
},
{
"model": "ipc-hdw1xxx",
"scope": "eq",
"trust": 0.8,
"vendor": "dahua",
"version": "2018/11"
},
{
"model": "ipc-hfw1xxx",
"scope": "eq",
"trust": 0.8,
"vendor": "dahua",
"version": "2018/11"
},
{
"model": "ipc-hfw2xxx",
"scope": "eq",
"trust": 0.8,
"vendor": "dahua",
"version": "2018/11"
},
{
"model": "ipc-hdw1xxx",
"scope": null,
"trust": 0.6,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw2xxx",
"scope": null,
"trust": 0.6,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw1xxx",
"scope": null,
"trust": 0.6,
"vendor": "dahua",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2018-11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw1xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2018-11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdw1xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2018-11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw2xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9676"
}
]
},
"cve": "CVE-2019-9676",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-9676",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-17496",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-9676",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9676",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-17496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-556",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability. Dahua IPC-HFW1XXX , IPC-HDW1XXX , IPC-HFW2XXX The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. DahuaIPC-HFW1XXX and so on are all IP cameras from Dahua, China",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "CNVD",
"id": "CNVD-2019-17496"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9676",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-17496",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"id": "VAR-201906-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
}
],
"trust": 1.1944444333333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
}
]
},
"last_update_date": "2023-12-18T14:05:08.331000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory - Buffer overflow vulnerability found in some Dahua IP Camera devices",
"trust": 0.8,
"url": "https://www.dahuasecurity.com/support/cybersecurity/details/617"
},
{
"title": "Patch for DahuaIPC-HFW1XXX, IPC-HDW1XXX, and IPC-HFW2XXX Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/163559"
},
{
"title": "Dahua IPC-HFW1XXX , IPC-HDW1XXX and IPC-HFW2XXX Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93789"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.dahuasecurity.com/support/cybersecurity/details/617"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9676"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"date": "2019-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"date": "2019-06-12T15:29:00.957000",
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"date": "2019-06-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-17496"
},
{
"date": "2019-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005507"
},
{
"date": "2019-06-17T19:13:22.717000",
"db": "NVD",
"id": "CVE-2019-9676"
},
{
"date": "2019-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Dahua IP Camera Buffer error vulnerability in product devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005507"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-556"
}
],
"trust": 0.6
}
}
VAR-201711-1047
Vulnerability from variot - Updated: 2023-12-18 13:57Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker. Dahua IP Camera and IP PTZ Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dahua Technology IP Camera. Authentication is not required to exploit this vulnerability.The specific flaw exists within the disaster recovery password functionality. If the device uses its default settings, the password generation algorithm produces a predictable result. An attacker can leverage this vulnerability to gain control of the device under attack. Dahua IPC-HFW and others are network camera equipment of Dahua Company of China. There are security vulnerabilities in several Dahua products. An attacker could use this vulnerability to reset the administrator password. Dahua IPC-HFW, etc. The following products are affected: Dahua IPC-HFW1XXX Build 2015/07 to 2017/03; IPC-HDW1XXX Build 2015/07 to 2017/03; IPC-HDBW1XXX Build 2015/07 to 2017/03; IPC- HFW2XXX Build 2015/07 to 2017/03; IPC-HDW2XXX Build 2015/07 to 2017/03; IPC-HDBW2XXX Build 2015/07 to 2017/03; IPC-HFW4XXX Build 2015/07 to 2017 /03 version; IPC-HDW4XXX Build 2015/07 to 2017/03 version; IPC-HDBW4XXX Build 2015/07 to 2017/03 version; IPC-HF5XXX Build 2015/07 to 2017/03 version; IPC-HFW5XXX Build 2015/07 to 2017/03; IPC-HDW5XXX Build 2015/07 to 2017/03; IPC-HDBW5XXX Build 2015/07 to 2017/03; IPC-HF8XXX Build 2015/07 to 2017/03 Version; IPC-HFW8XXX Build 2015/07 to 2017/03; IPC-HDBW8XXX Build 2015/07 to 2017/03; IPC-EBW8XXX Build 2015/07 to 2017/03; IPC-PFW8xxx Build 2015/ 07 version to 2017/03 version; IPC-PDBW8xxx Build 2015/07 version to 2017/03 version; IPC-HUM8xxx Build 2015/07 version to 2017/03 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-1047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipc-hfw1xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hfw2xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hf5xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hfw4xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdbw2xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdw2xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdw4xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdbw1xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdw1xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdbw4xxx",
"scope": "eq",
"trust": 1.6,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dh-sd5xxxxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdbw8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdbw5xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dh-sd2xxxxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dh-sd4xxxxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-ebw8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-pdbw8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hum8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-pfw8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hdw5xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dh-sd6xxxxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hfw8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hf8xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "psd8xxxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "ipc-hfw5xxx",
"scope": "eq",
"trust": 1.0,
"vendor": "dahuasecurity",
"version": null
},
{
"model": "dh-ipc-hdw1xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-ipc-hdw2xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-ipc-hdw4xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-ipc-hfw1xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-sd2xxxxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-sd4xxxxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-sd5xxxxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "dh-sd6xxxxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-ebw8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdbw1xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdbw2xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdbw4xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdbw5xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdbw8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hdw5xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hf5xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hf8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw2xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw4xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw5xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hfw8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-hum8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-pdbw8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ipc-pfw8xxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "psd8xxxx",
"scope": null,
"trust": 0.8,
"vendor": "dahua",
"version": null
},
{
"model": "ip camera",
"scope": null,
"trust": 0.7,
"vendor": "dahua",
"version": null
},
{
"model": "security ipc-hf5xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hfw5xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdw5xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdbw5xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hf8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hfw8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdbw8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-ebw8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-pfw8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-pdbw8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hum8xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security psd",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hfw1xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdw1xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdbw1xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hfw2xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdw2xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdbw2xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hfw4xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security ipc-hdw4xxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security dh-sd6xxxxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security dh-sd5xxxxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security dh-sd4xxxxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
},
{
"model": "security dh-sd2xxxxx",
"scope": "gte",
"trust": 0.6,
"vendor": "dahua",
"version": "2015/07,\u003c=2017/03"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw1xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdw1xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdbw1xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdbw1xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw2xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdw2xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdbw2xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdbw2xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw4xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdw4xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdbw4xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hf5xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hf5xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw5xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw5xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdw5xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdw5xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdbw5xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hf8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hfw8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hfw8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hdbw8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hdbw8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-ebw8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-ebw8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-pfw8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-pfw8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:dh-sd2xxxxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dh-sd2xxxxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-pdbw8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-pdbw8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:ipc-hum8xxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:ipc-hum8xxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:psd8xxxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:psd8xxxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:dh-sd4xxxxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dh-sd4xxxxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:dh-sd5xxxxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dh-sd5xxxxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dahuasecurity:dh-sd6xxxxx_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dahuasecurity:dh-sd6xxxxx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9315"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kenney Lu Trend Micro",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
}
],
"trust": 0.7
},
"cve": "CVE-2017-9315",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-9315",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-9315",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-38224",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117518",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9315",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9315",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2017-9315",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-38224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-1393",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-117518",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker. Dahua IP Camera and IP PTZ Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dahua Technology IP Camera. Authentication is not required to exploit this vulnerability.The specific flaw exists within the disaster recovery password functionality. If the device uses its default settings, the password generation algorithm produces a predictable result. An attacker can leverage this vulnerability to gain control of the device under attack. Dahua IPC-HFW and others are network camera equipment of Dahua Company of China. There are security vulnerabilities in several Dahua products. An attacker could use this vulnerability to reset the administrator password. Dahua IPC-HFW, etc. The following products are affected: Dahua IPC-HFW1XXX Build 2015/07 to 2017/03; IPC-HDW1XXX Build 2015/07 to 2017/03; IPC-HDBW1XXX Build 2015/07 to 2017/03; IPC- HFW2XXX Build 2015/07 to 2017/03; IPC-HDW2XXX Build 2015/07 to 2017/03; IPC-HDBW2XXX Build 2015/07 to 2017/03; IPC-HFW4XXX Build 2015/07 to 2017 /03 version; IPC-HDW4XXX Build 2015/07 to 2017/03 version; IPC-HDBW4XXX Build 2015/07 to 2017/03 version; IPC-HF5XXX Build 2015/07 to 2017/03 version; IPC-HFW5XXX Build 2015/07 to 2017/03; IPC-HDW5XXX Build 2015/07 to 2017/03; IPC-HDBW5XXX Build 2015/07 to 2017/03; IPC-HF8XXX Build 2015/07 to 2017/03 Version; IPC-HFW8XXX Build 2015/07 to 2017/03; IPC-HDBW8XXX Build 2015/07 to 2017/03; IPC-EBW8XXX Build 2015/07 to 2017/03; IPC-PFW8xxx Build 2015/ 07 version to 2017/03 version; IPC-PDBW8xxx Build 2015/07 version to 2017/03 version; IPC-HUM8xxx Build 2015/07 version to 2017/03 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9315",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4956",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-130",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-38224",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117518",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"id": "VAR-201711-1047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
}
],
"trust": 1.580443946875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-38224"
}
]
},
"last_update_date": "2023-12-18T13:57:10.426000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dahuasecurity.com/"
},
{
"title": "Dahua Technology has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://www.dahuasecurity.com/support/cybersecurity/annoucementnotice/152"
},
{
"title": "Patches for multiple Dahua product password reset vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/111791"
},
{
"title": "Multiple Dahua Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99835"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9315"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9315"
},
{
"trust": 0.7,
"url": "http://www.dahuasecurity.com/support/cybersecurity/annoucementnotice/152"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"db": "VULHUB",
"id": "VHN-117518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-19T00:00:00",
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"date": "2017-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"date": "2017-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-117518"
},
{
"date": "2018-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"date": "2017-11-28T19:29:00.400000",
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"date": "2017-05-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-19T00:00:00",
"db": "ZDI",
"id": "ZDI-18-130"
},
{
"date": "2017-12-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-38224"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117518"
},
{
"date": "2018-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011143"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-9315"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dahua IP Camera and IP PTZ Cryptographic vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011143"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-1393"
}
],
"trust": 0.6
}
}