Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-41506
HistoryJun 30, 2022 - 1:15 p.m.

CVE-2021-41506

2022-06-3013:15:08
CWE-287
[email protected]
web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

68.1%

JSON

Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R11.Nat.20170301, V4.02.R12.Nat.OnvifS.20170727 is affected by a backdoor in the macGuarder and dvrHelper binaries of DVR/NVR/IP camera firmware due to static root account credentials in the system.

Affected configurations

NVD
Node
xiongmaitechahb7008t-mh-v2Match-
AND
xiongmaitechahb7008t-mh-v2_firmwareMatch4.02.r11.7601.nat.onvif.20170420
Node
xiongmaitechahb7804r-elsMatch-
AND
xiongmaitechahb7804r-els_firmwareMatch4.02.r11.nat.onvif.20160422
Node
xiongmaitechahb7804r-mh-v2Match-
AND
xiongmaitechahb7804r-mh-v2_firmwareMatch4.02.r11.7601.nat.onvif.20170424
Node
xiongmaitechahb7808r-ms-v2Match-
AND
xiongmaitechahb7808r-ms-v2_firmwareMatch4.02.r11.nat.onvif.20170327
Node
xiongmaitechahb7808r-msMatch-
AND
xiongmaitechahb7808r-ms_firmwareMatch4.02.r11.nat.onvif.20160328
Node
xiongmaitechahb7808t-ms-v2Match-
AND
xiongmaitechahb7808t-ms-v2_firmwareMatch4.02.r11.nat.onvifc.20161205
Node
xiongmaitechahb7804r-lmsMatch-
AND
xiongmaitechahb7804r-lms_firmwareMatch4.02.r11.nat.20170301
Node
xiongmaitechhi3518e_50h10l_s39Match-
AND
xiongmaitechhi3518e_50h10l_s39_firmwareMatch4.02.r12.nat.onvifs.20170727

Related

prion 1
cve 1
cvelist 1
prion
prion
Input validation
2022-06-30 13:15:00
cve
cve
CVE-2021-41506
2022-06-30 13:15:08
cvelist
cvelist
CVE-2021-41506
2022-06-30 12:43:54

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

68.1%

JSON
Related for NVD:CVE-2021-41506
prion1cve1cvelist1