Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-33046

🗓️ 13 Jan 2022 20:27:13Reported by dahuaType 
cve
 cve🔗 web.nvd.nist.gov👁 86 Views

Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
Circl		CVE-2021-33046
5 Mar 202212:49
circl
CNNVD		多款Dahua产品授权问题漏洞
13 Jan 202200:00
cnnvd
Cvelist		CVE-2021-33046
13 Jan 202220:27
cvelist
EUVD		EUVD-2021-19761
7 Oct 202500:30
euvd
NVD		CVE-2021-33046
13 Jan 202221:15
nvd
Prion		Design/Logic Flaw
13 Jan 202221:15
prion
RedhatCVE		CVE-2021-33046
9 Jan 202611:28
redhatcve
Tenable Nessus		Dahua Security Cameras Improper Authentication (CVE-2021-33046)
29 Jul 202400:00
nessus
NVD
Node
dahuasecurityipc-hx1xxx_firmwareRange2017-72021-7
AND
dahuasecurityipc-hx1xxxMatch-
Node
dahuasecurityipc-hx2xxx_firmwareRange2017-72021-7
AND
dahuasecurityipc-hx2xxxMatch-
Node
dahuasecurityipc-hx3xxx_firmwareRange2017-72021-7
AND
dahuasecurityipc-hx3xxxMatch-
Node
dahuasecurityipc-hx5(4)(3)xxx_firmwareRange2017-72021-7
AND
dahuasecurityipc-hx5(4)(3)xxxMatch-
Node
dahuasecurityipc-hx5xxx_firmwareRange2017-72021-7
AND
dahuasecurityipc-hx5xxxMatch-
Node
dahuasecuritysd1a1_firmwareRange2017-72021-7
AND
dahuasecuritysd1a1Match-
Node
dahuasecuritysd22_firmwareRange2017-72021-7
AND
dahuasecuritysd22Match-
Node
dahuasecuritysd49_firmwareRange2017-72021-7
AND
dahuasecuritysd49Match-
Node
dahuasecuritysd50_firmwareRange2017-72021-7
AND
dahuasecuritysd50Match-
Node
dahuasecuritysd52c_firmwareRange2017-72021-7
AND
dahuasecuritysd52cMatch-
Node
dahuasecuritysd6al_firmwareRange2017-72021-7
AND
dahuasecuritysd6alMatch-
Node
dahuasecuritytpc-bf1241_firmwareRange2017-72021-7
AND
dahuasecuritytpc-bf1241Match-
Node
dahuasecuritytpc-bf2221_firmwareRange2017-72021-7
AND
dahuasecuritytpc-bf2221Match-
Node
dahuasecuritytpc-bf5x01_firmwareRange2017-72021-7
AND
dahuasecuritytpc-bf5x01Match-
Node
dahuasecuritytpc-pt8x21x_firmwareRange2017-72021-7
AND
dahuasecuritytpc-pt8x21xMatch-
Node
dahuasecuritytpc-sd2221_firmwareRange2017-72021-7
AND
dahuasecuritytpc-sd2221Match-
Node
dahuasecuritytpc-sd8x21_firmwareRange2017-72021-7
AND
dahuasecuritytpc-sd8x21Match-
Node
dahuasecuritynvr1xxx_firmwareRange2017-72021-7
AND
dahuasecuritynvr1xxxMatch-
Node
dahuasecuritynvr2xxx_firmwareRange2017-72021-7
AND
dahuasecuritynvr2xxxMatch-
Node
dahuasecuritynvr4xxx_firmwareRange2017-72021-7
AND
dahuasecuritynvr4xxxMatch-
Node
dahuasecuritynvr5xxx_firmwareRange2017-72021-7
AND
dahuasecuritynvr5xxxMatch-
Node
dahuasecurityxvr4xxx_firmwareRange2017-72021-7
AND
dahuasecurityxvr4xxxMatch-
Node
dahuasecurityxvr5xxx_firmwareRange2017-72021-7
AND
dahuasecurityxvr5xxxMatch-
Node
dahuasecurityxvr7xxx_firmwareRange2017-72021-7
AND
dahuasecurityxvr7xxxMatch-
Node
dahuasecurityhcvr7xxx_firmwareRange2017-72021-7
AND
dahuasecurityhcvr7xxxMatch-
Node
dahuasecurityhcvr8xxx_firmwareRange2017-72021-7
AND
dahuasecurityhcvr8xxxMatch-
Node
dahuasecurityvtox20xf_firmwareRange2017-72021-7
AND
dahuasecurityvtox20xfMatch-
Node
dahuasecurityasc2204c_firmwareRange2017-72021-7
AND
dahuasecurityasc2204cMatch-
[
  {
    "product": "Access control vulnerability found in some Dahua products",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Dahua IP Camera devices IPC-HX3XXX, and IPC-HX5XXX"
      },
      {
        "status": "affected",
        "version": "PTZ Dome Camera SD1A1, SD22, SD49, SD50, SD52C, and SD6AL"
      },
      {
        "status": "affected",
        "version": "Thermal TPC-BF1241,TPC-BF2221, TPC-SD2221"
      },
      {
        "status": "affected",
        "version": "VTO2101E, VTOX221E, and ASC2204C devices Buildtime between 2017/7 ~ 2021/7.  NVR devices NVR4XXX, and NVR5XXX"
      },
      {
        "status": "affected",
        "version": "XVR devices XVR4XXX, and XVR5XXX"
      },
      {
        "status": "affected",
        "version": "HCVR devices HCVR7XXX, and HCVR8XXX devices Buildtime between 2017/1 ~ 2021/7."
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 06:08Current
9.4High risk
Vulners AI Score9.4
CVSS 27.5
CVSS 3.19.8
EPSS0.00502
CWE-287
dahuaaccess controlvulnerabilitypassword resetcve-2021-33046nvd
86