3 matches found
Authorization
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...
CVE-2013-5754
CVE-2013-5754 affects Dahua DVR appliances. The authorization implementation accepts a hash string representing the current date as a master password, enabling remote attackers to obtain administrative access and change the administrator password via requests over ActiveX, a standalone client, or...
CVE-2013-3612
CVE-2013-3612 affects Dahua DVR appliances, where a hardcoded password exists for the root account and an unspecified backdoor account. This facilitates administrative access by remote attackers via authorization requests using (a) ActiveX, (b) a standalone client, or (c) other vectors. The Conne...