FKIE_CVE-2021-33046

Vulnerability from fkie_nvd - Published: 2022-01-13 21:15 - Updated: 2024-11-21 06:08
Severity
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.
References
cybersecurity@dahuatech.comhttps://support.dahuatech.com/networkSecurity/securityDetails?id=95Vendor Advisory
cybersecurity@dahuatech.comhttps://www.dahuasecurity.com/support/cybersecurity/details/957Not Applicable
cybersecurity@dahuatech.comhttps://www.dahuasecurity.com/support/cybersecurity/details/987Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.dahuatech.com/networkSecurity/securityDetails?id=95Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.dahuasecurity.com/support/cybersecurity/details/957Not Applicable
af854a3a-2127-422b-91ae-364da2661108https://www.dahuasecurity.com/support/cybersecurity/details/987Vendor Advisory
Impacted products
Vendor Product Version
dahuasecurity ipc-hx1xxx_firmware *
dahuasecurity ipc-hx1xxx -
dahuasecurity ipc-hx2xxx_firmware *
dahuasecurity ipc-hx2xxx -
dahuasecurity ipc-hx3xxx_firmware *
dahuasecurity ipc-hx3xxx -
dahuasecurity ipc-hx5\(4\)\(3\)xxx_firmware *
dahuasecurity ipc-hx5\(4\)\(3\)xxx -
dahuasecurity ipc-hx5xxx_firmware *
dahuasecurity ipc-hx5xxx -
dahuasecurity sd1a1_firmware *
dahuasecurity sd1a1 -
dahuasecurity sd22_firmware *
dahuasecurity sd22 -
dahuasecurity sd49_firmware *
dahuasecurity sd49 -
dahuasecurity sd50_firmware *
dahuasecurity sd50 -
dahuasecurity sd52c_firmware *
dahuasecurity sd52c -
dahuasecurity sd6al_firmware *
dahuasecurity sd6al -
dahuasecurity tpc-bf1241_firmware *
dahuasecurity tpc-bf1241 -
dahuasecurity tpc-bf2221_firmware *
dahuasecurity tpc-bf2221 -
dahuasecurity tpc-bf5x01_firmware *
dahuasecurity tpc-bf5x01 -
dahuasecurity tpc-pt8x21x_firmware *
dahuasecurity tpc-pt8x21x -
dahuasecurity tpc-sd2221_firmware *
dahuasecurity tpc-sd2221 -
dahuasecurity tpc-sd8x21_firmware *
dahuasecurity tpc-sd8x21 -
dahuasecurity nvr1xxx_firmware *
dahuasecurity nvr1xxx -
dahuasecurity nvr2xxx_firmware *
dahuasecurity nvr2xxx -
dahuasecurity nvr4xxx_firmware *
dahuasecurity nvr4xxx -
dahuasecurity nvr5xxx_firmware *
dahuasecurity nvr5xxx -
dahuasecurity xvr4xxx_firmware *
dahuasecurity xvr4xxx -
dahuasecurity xvr5xxx_firmware *
dahuasecurity xvr5xxx -
dahuasecurity xvr7xxx_firmware *
dahuasecurity xvr7xxx -
dahuasecurity hcvr7xxx_firmware *
dahuasecurity hcvr7xxx -
dahuasecurity hcvr8xxx_firmware *
dahuasecurity hcvr8xxx -
dahuasecurity vtox20xf_firmware *
dahuasecurity vtox20xf -
dahuasecurity asc2204c_firmware *
dahuasecurity asc2204c -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:ipc-hx1xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB15A66-CCC4-4CA8-AF25-D8D9A81BE796",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:ipc-hx1xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC27C4B9-35AA-4CD1-8E30-97D79CA76B30",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB50E813-E761-4575-B670-4C7F812952CB",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8887C8-C335-4EBB-BC7F-D4F8D8205DAE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC72741-163E-4659-B3F4-D161925F3DE6",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8936A118-4AB5-4B09-A9FD-E624A68315BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:ipc-hx5\\(4\\)\\(3\\)xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C35319-8C5A-461C-AB41-989B63EF19CB",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:ipc-hx5\\(4\\)\\(3\\)xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F079822C-4C64-41E3-9A17-F9A56D5B5E91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA70CB5-B4C0-48D3-ACE8-FF846083BB70",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2838BDA-97FF-498E-BC81-955D31B9227A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd1a1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C3A6AD-19F7-4325-89B4-944B8393C739",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd1a1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88AD58DE-D990-4C98-853B-21B79CD07EEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd22_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECB8CCE-F925-437B-8B6E-4690B92D4F80",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd22:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "428852DE-BDE3-4CE4-972C-821E88C7F930",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd49_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31D5F604-135F-4F17-8093-EE8AEA0408AF",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd49:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "627C0AE8-01B2-4807-8284-EFE6140598B5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBB0CC4-4B58-46A4-83FC-11744B2A145B",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "984AD4D5-D689-4150-A1EE-D48B81CBB7C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DFAF598-BDBD-4351-A72A-136F606AD8D5",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA0D206-5BE7-4592-8D3E-641F47164770",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61D99F5-DE6B-445F-93B6-ECC2DFC41122",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C35F4371-334B-4EA8-8F48-498C81652F7C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-bf1241_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6412DA-4BC4-4326-91DF-7F26572CEFA4",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-bf1241:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B58CBF-EB67-4F02-BBAE-FFC329B8873C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-bf2221_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D5E183-2F9C-4B81-AC1E-B7C3420594C2",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-bf2221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E314BF6-76B4-4ADB-B555-7DAF92F60485",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-bf5x01_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D95CC99-5249-4F67-B318-11F68CD42BBA",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-bf5x01:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EA0704-EC7A-457A-9AC1-A39B07229DFE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-pt8x21x_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A231CFA-4CBB-4B0B-AC9D-3BAAA1B0A78B",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-pt8x21x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "296AE38D-36C0-430F-BFB2-9FB2B5087C83",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-sd2221_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63FB807B-14F6-4D09-BF06-039BDD7C6F19",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-sd2221:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D166CD0E-92CC-44FA-A520-FFFEBE2D7D50",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:tpc-sd8x21_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29734EC-0A1D-40F4-9A77-59D64A552975",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:tpc-sd8x21:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A88A53-91D8-4019-95EB-F6FEFF469F9A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:nvr1xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA1B61BC-4D6E-4AFA-8F43-CEB88E8084FB",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:nvr1xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E209BDB-4D44-4ABB-A5EC-0EC46C6EFE48",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:nvr2xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84EA30CA-F1CD-4FC6-A2DC-5DED62E85583",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:nvr2xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0F1A0B-4C7A-4763-BACC-A4D277F7DA6A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:nvr4xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87CB4D6-9237-4D20-B494-DEABA7836BC6",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:nvr4xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "994D8768-F93B-4AE0-A2DD-11A24C14882E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:nvr5xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19D24F8-1FF6-4B80-B9A6-6C6E0174EC71",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:nvr5xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA773F1A-D8CB-4B86-AEF6-7EBFC8A638B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:xvr4xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E215F5B8-A229-4EC1-B029-05DE9B14CA55",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:xvr4xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BCC22E-3CBD-48E9-A92F-B1478B12D047",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:xvr5xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3564DD5-7C1B-4DF2-BB44-B9A58BBA7E4A",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:xvr5xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B3EDC6-6D9F-4B3D-A155-CD82D330CC3F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:xvr7xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE5E8C5-A7D2-4962-BBB0-8507F41B35B8",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:xvr7xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "036DF596-F7AE-48FC-A862-2F5267B4B5C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:hcvr7xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F49454AC-EB35-41A5-9CC8-3116C02B447E",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:hcvr7xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF15D7BC-70E1-43E3-B54E-9848F67E9AE2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:hcvr8xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9EFA83B-4DC1-4936-BDCA-0A3846201F6F",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:hcvr8xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7DF9BAE-3446-438B-BD14-0E450815CFEF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:vtox20xf_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE8A4D8-1D43-4241-B723-FAD1A8804688",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:vtox20xf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A17A30F-F376-4438-A331-372DC1AA4073",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dahuasecurity:asc2204c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EEB9746-4F02-4125-9022-C7D995B8C1B5",
              "versionEndIncluding": "2021-7",
              "versionStartIncluding": "2017-7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dahuasecurity:asc2204c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "421A373F-AC77-4CAF-BE0F-D53F4E29D520",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords."
    },
    {
      "lang": "es",
      "value": "Algunos productos Dahua presentan una vulnerabilidad de control de acceso en el proceso de restablecimiento de la contrase\u00f1a. Los atacantes pueden explotar esta vulnerabilidad mediante implementaciones espec\u00edficas para restablecer las contrase\u00f1as de los dispositivos"
    }
  ],
  "id": "CVE-2021-33046",
  "lastModified": "2024-11-21T06:08:11.233",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-13T21:15:07.753",
  "references": [
    {
      "source": "cybersecurity@dahuatech.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.dahuatech.com/networkSecurity/securityDetails?id=95"
    },
    {
      "source": "cybersecurity@dahuatech.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.dahuasecurity.com/support/cybersecurity/details/957"
    },
    {
      "source": "cybersecurity@dahuatech.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dahuasecurity.com/support/cybersecurity/details/987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.dahuatech.com/networkSecurity/securityDetails?id=95"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://www.dahuasecurity.com/support/cybersecurity/details/957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dahuasecurity.com/support/cybersecurity/details/987"
    }
  ],
  "sourceIdentifier": "cybersecurity@dahuatech.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.