FKIE_CVE-2013-5754
Vulnerability from fkie_nvd - Published: 2013-09-17 12:04 - Updated: 2025-04-11 00:51
Severity ?
Summary
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/800094 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/800094 | US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "313F4232-70E0-4AB0-BA7E-AF2F510D2328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4442C322-0A13-4DBA-B98C-D40D50B946D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD609FF-76C4-4932-8374-8D3D9D63592C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A8928-B495-44B0-A753-C70F5C46A754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5EE183-1AB4-4FE7-B37A-EE075CF74356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BACC205C-2447-4F10-8268-F9662D98149E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A061036B-1D4A-4749-90E8-BA59C256D28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F91BAA-C7BB-431D-B4F0-0575FED893B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB3397-F501-4B45-90CB-CE4BD6480BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8147908F-8B80-4555-A1FC-23F915D3678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3331E31E-BAF4-4E67-ACBA-FB54FA1F5A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF14CE5-75DB-49A9-8D72-1824CCDF64BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9398DD-6803-4AC6-87BF-47818EDC070B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A019481-DEBA-4A34-AA93-8A69CA77D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17A6F004-BE00-45C9-9036-2554D0AF9AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D6977A-FD78-4FBB-B253-F4D05E84724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC97F4D-CDF4-4657-8CE9-983D449D68DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A534FC68-6283-4699-B88D-C8B19948F5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6F6566-22EC-419B-9C52-1F1E7968054D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3371494-B978-4CF7-9CE0-F0E02D5ED109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4109C9D1-C945-4B09-8B3F-8684B0368E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95CA0C63-769D-461B-A527-212E4D86C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3705696-67F7-456F-B01B-EB225D026E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EF215E-0D60-4EA0-A0F0-17E7A0708AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29D5259-784B-4BE1-824C-328B1496E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7098BA-17A1-445B-861F-AC1EB2B8DE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D7CB-509E-4064-A34D-ED86C399CB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65090492-28C0-4792-AF74-00B12C097237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E08868C-A6AB-45EF-AE59-11CD42C981B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9863056-8267-4EB9-9069-2C95DC81ACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "843BED52-F880-4B14-ABDF-3E02B2971451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82762B60-0B2F-4F41-A220-6C8A6E0EBE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DFE663-0950-4AA6-A942-BD2254AE4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883BE886-B417-4ACD-9354-CD505B4A453B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2169A9-C0BD-4CBF-8EB7-63E2F8C6E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44948964-3B54-40DC-ABD2-87B2F4FB3CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB60AA8-2F5D-4FD9-BC02-A210A70915D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D45FF54-F6FE-4E1F-AE46-7205C3605B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D5A44-03D4-458D-A9B6-B604E21099F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AAA487-E291-469F-96DE-7F8C431DA0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBC0C4F-02C9-4863-A7EC-3DD1CA8C46DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2706B-8FA9-4F14-B6B9-072B09D434E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0657A79A-4F0D-49C6-99BC-164CA6E37927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53925C1F-8529-4B05-A9D7-AD5E5227BFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5658A5-3E2E-4325-8DCE-FD58B9017096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9FC045-5E4A-406D-B0EC-D76CF4C45EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FAA240-3CDE-42A4-9D9B-8C7E2D9F7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92975CB-83E2-437B-B8DF-1C28A4D9F224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561309BE-583D-4A0C-935F-7689CA1B810B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39AAA619-C015-40E2-86EC-D314312F20BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CB3985-7D5D-4195-8DE6-89E08212EAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4050EDA-3385-4E04-B7E7-505C329498DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAAEC26-BA9F-416F-8046-26E314AC0552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018D1BD3-4150-43DB-8F4C-B77F5738546C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A098A2D-A6BB-456C-AE21-18A1747D67A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D42B705-D313-42D7-8761-1E274ACD4702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF2E145-1AC2-434C-A678-CF0D42AA1F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36A06202-EFC9-4D75-9F7A-61BA50EF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD77B729-AA55-405C-8C80-1E9412DA2369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C54180BF-913A-439E-B1BA-17C9D3B28504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70ED8BBB-BD38-49B2-AE52-2B17A8C0DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "993F3FAB-5E9B-450A-88C0-B078E58CE59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E81B56D-4DDE-4B5D-A148-D52522CC4910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D726F454-7BED-4872-B7E8-82C62BCD5936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71518708-D7E6-4CAC-BD9F-3E364416AC92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de autorizaci\u00f3n en Dahua DVR acepta un hash representando la fecha actual para el rol de contrase\u00f1a maestra, lo que hace m\u00e1s f\u00e1cil para un atacante remoto obtener acceso administrativo y cambiar la contrase\u00f1a de administrador a trav\u00e9s de peticiones (1) ActiveX, (2) cliente standalone o (3) vectores no especificados, una vulnerabilidad diferente a CVE-2013-3612"
}
],
"id": "CVE-2013-5754",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-17T12:04:28.820",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/800094"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…