CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
79.1%
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
Vendor | Product | Version | CPE |
---|---|---|---|
dahuasecurity | dvr0404hd-a | - | cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hd-l | - | cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hd-s | - | cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hd-u | - | cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hf-a-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hf-al-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hf-s-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0404hf-u-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0804 | - | cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:* |
dahuasecurity | dvr0804hd-l | - | cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:* |