Lucene search
HistorySep 17, 2013 - 12:04 p.m.
CVE-2013-3614
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0.003
Percentile
69.4%
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
Affected configurations
Node
dahuasecuritydvr0404hd-aMatch-
ORdahuasecuritydvr0404hd-lMatch-
ORdahuasecuritydvr0404hd-sMatch-
ORdahuasecuritydvr0404hd-uMatch-
ORdahuasecuritydvr0404hf-a-eMatch-
ORdahuasecuritydvr0404hf-al-eMatch-
ORdahuasecuritydvr0404hf-s-eMatch-
ORdahuasecuritydvr0404hf-u-eMatch-
ORdahuasecuritydvr0804Match-
ORdahuasecuritydvr0804hd-lMatch-
ORdahuasecuritydvr0804hd-sMatch-
ORdahuasecuritydvr0804hf-a-eMatch-
ORdahuasecuritydvr0804hf-al-eMatch-
ORdahuasecuritydvr0804hf-l-eMatch-
ORdahuasecuritydvr0804hf-s-eMatch-
ORdahuasecuritydvr0804hf-u-eMatch-
ORdahuasecuritydvr1604hd-lMatch-
ORdahuasecuritydvr1604hd-sMatch-
ORdahuasecuritydvr1604hf-a-eMatch-
ORdahuasecuritydvr1604hf-al-eMatch-
ORdahuasecuritydvr1604hf-l-eMatch-
ORdahuasecuritydvr1604hf-s-eMatch-
ORdahuasecuritydvr1604hf-u-eMatch-
ORdahuasecuritydvr2104cMatch-
ORdahuasecuritydvr2104hMatch-
ORdahuasecuritydvr2104hcMatch-
ORdahuasecuritydvr2104heMatch-
ORdahuasecuritydvr2108cMatch-
ORdahuasecuritydvr2108hMatch-
ORdahuasecuritydvr2108hcMatch-
ORdahuasecuritydvr2108heMatch-
ORdahuasecuritydvr2116cMatch-
ORdahuasecuritydvr2116hMatch-
ORdahuasecuritydvr2116hcMatch-
ORdahuasecuritydvr2116heMatch-
ORdahuasecuritydvr2404hf-sMatch-
ORdahuasecuritydvr2404lf-alMatch-
ORdahuasecuritydvr2404lf-sMatch-
ORdahuasecuritydvr3204hf-sMatch-
ORdahuasecuritydvr3204lf-alMatch-
ORdahuasecuritydvr3204lf-sMatch-
ORdahuasecuritydvr3224lMatch-
ORdahuasecuritydvr3232lMatch-
ORdahuasecuritydvr5104cMatch-
ORdahuasecuritydvr5104hMatch-
ORdahuasecuritydvr5104heMatch-
ORdahuasecuritydvr5108cMatch-
ORdahuasecuritydvr5108hMatch-
ORdahuasecuritydvr5108heMatch-
ORdahuasecuritydvr5116cMatch-
ORdahuasecuritydvr5116hMatch-
ORdahuasecuritydvr5116heMatch-
ORdahuasecuritydvr5204aMatch-
ORdahuasecuritydvr5204lMatch-
ORdahuasecuritydvr5208aMatch-
ORdahuasecuritydvr5208lMatch-
ORdahuasecuritydvr5216aMatch-
ORdahuasecuritydvr5216lMatch-
ORdahuasecuritydvr5404Match-
ORdahuasecuritydvr5408Match-
ORdahuasecuritydvr5416Match-
ORdahuasecuritydvr5804Match-
ORdahuasecuritydvr5808Match-
ORdahuasecuritydvr5816Match-
ORdahuasecuritydvr6404lf-sMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dahuasecurity | dvr0404hd-a | - | cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hd-l | - | cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hd-s | - | cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hd-u | - | cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hf-a-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hf-al-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hf-s-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0404hf-u-e | - | cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0804 | - | cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:* |
| dahuasecurity | dvr0804hd-l | - | cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2013-3614
2013-09-17 10:00:00
cve
cve
CVE-2013-3614
2013-09-17 12:04:24
prion
prion
Default credentials
2013-09-17 12:04:00
cert
cert
Dahua Security DVRs contain multiple vulnerabilities
2013-09-13 00:00:00
exploitdb
exploitdb
Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)
2013-11-18 00:00:00
exploitpack
exploitpack
Dahua DVR 2.608.0000.02.608.GV00.0 - Authentication Bypass (Metasploit)
2013-11-18 00:00:00
securityvulns
securityvulns
Dahua DVR authentication bypass
2013-11-18 00:00:00
Dahua DVR Authentication Bypass - CVE-2013-6117
2013-11-18 00:00:00
seebug
seebug
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass
2014-07-01 00:00:00
zdt
zdt
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass
2013-11-19 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0.003
Percentile
69.4%
Related for NVD:CVE-2013-3614