Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3547

Malware in sbrugna...

7.8CVSS6.1AI score0.06661EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-5590

Malware in sbrugna...

10CVSS6.4AI score0.02484EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-15489

Malware in sbrugna...

9.3CVSS8.2AI score0.01025EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3548

Malware in sbrugna...

9.3CVSS6.1AI score0.0704EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3549

Malware in sbrugna...

7.8CVSS6.1AI score0.07655EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 a.m.15 views

CVE-2013-3613

Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port...

7.8CVSS6.8AI score0.06661EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:14 a.m.8 views

CVE-2013-3614

Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack...

9.3CVSS7AI score0.0704EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:48 a.m.13 views

CVE-2013-3612

Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors...

10CVSS6.8AI score0.10298EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:48 a.m.9 views

CVE-2013-3615

Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack...

7.8CVSS6.7AI score0.07655EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:54 a.m.9 views

CVE-2013-5754

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...

10CVSS7.1AI score0.10298EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.13 views

Dahua Security Digital Video Recorders Credentials Management Errors (CVE-2013-3615)

Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

7.8CVSS5.3AI score0.07655EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.13 views

Dahua Security Digital Video Recorders Permissions, Privileges, and Access Controls (CVE-2013-3614)

Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900...

9.3CVSS5.5AI score0.0704EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.9 views

Dahua Security Digital Video Recorders Improper Authentication (CVE-2013-3613)

Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

7.8CVSS5.5AI score0.06661EPSS
Exploits4References2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.1088 views

Dahua DVR Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule %qDahua DVR Auth Bypass Scanner, 'Description' = %qScans for Dahua-based DVRs and then grabs settings. Optionally resets a user's password and...

7.5CVSS7AI score0.70713EPSS
Exploits6
Prion
Prion
added 2017/03/09 5:59 p.m.18 views

Information disclosure

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...

9.3CVSS7.8AI score0.01025EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/03/09 5:0 p.m.23 views

CVE-2017-6432

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...

8.4AI score0.01025EPSS
Exploits0References2
Metasploit
Metasploit
added 2015/12/03 11:15 p.m.1185 views

Dahua DVR Auth Bypass Scanner

Scans for Dahua-based DVRs and then grabs settings. Optionally resets a user's password and clears the device logs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule %qDahua DVR Auth Bypass Scanner...

7.5CVSS7.2AI score0.70713EPSS
Exploits6
NVD
NVD
added 2014/07/11 7:55 p.m.28 views

CVE-2013-6117

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777...

7.5CVSS6.7AI score0.70713EPSS
Exploits6References5
Prion
Prion
added 2014/07/11 7:55 p.m.33 views

Authentication flaw

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777...

7.5CVSS6.9AI score0.70713EPSS
Exploits6References5Affected Software1
CVE
CVE
added 2014/07/11 7:0 p.m.153 views

CVE-2013-6117

CVE-2013-6117 affects Dahua DVRs (firmware in the 2.6xx range) and is an authentication bypass that can be triggered over TCP port 37777. The issue enables remote attackers to bypass login, obtain user credentials, change passwords, clear logs, and perform other actions as described in the primar...

7.5CVSS6.5AI score0.70713EPSS
Exploits6References5Affected Software1
Rows per page
Query Builder