Lucene search
K
DahuasecurityDvr0804hf-u-e

5 matches found

CVE
CVE
added 2013/09/17 10:0 a.m.135 views

CVE-2013-3612

CVE-2013-3612 affects Dahua DVR appliances, where a hardcoded password exists for the root account and an unspecified backdoor account. This facilitates administrative access by remote attackers via authorization requests using (a) ActiveX, (b) a standalone client, or (c) other vectors. The Conne...

10CVSS6.8AI score0.10298EPSS
CVE
CVE
added 2013/09/17 10:0 a.m.75 views

CVE-2013-3613

CVE-2013-3613 affects Dahua DVR appliances. UPnP requests from untrusted addresses are not properly restricted, enabling remote attackers to obtain access via vectors involving a replay attack against the TELNET port (administrative service on TCP 37777 by default). Root cause is inadequate acces...

7.8CVSS6.5AI score0.06661EPSS
CVE
CVE
added 2013/09/17 10:0 a.m.66 views

CVE-2013-3614

Dahua DVR appliances are affected by CVE-2013-3614: the maximum password length is too small, enabling easier remote brute‑force access. Documents describe an authentication-related weakness impacting Dahua DVRs, including the service on TCP port 37777 and the potential for password‑related compr...

9.3CVSS6.7AI score0.07009EPSS
CVE
CVE
added 2013/09/17 10:0 a.m.65 views

CVE-2013-5754

CVE-2013-5754 affects Dahua DVR appliances. The authorization implementation accepts a hash string representing the current date as a master password, enabling remote attackers to obtain administrative access and change the administrator password via requests over ActiveX, a standalone client, or...

10CVSS6.8AI score0.02484EPSS
CVE
CVE
added 2013/09/17 10:0 a.m.64 views

CVE-2013-3615

The CVE-2013-3615 vulnerability affects Dahua DVR appliances (and rebranded variants), where a password-hash algorithm uses a short hash length, enabling context-dependent attackers to brute-force and recover cleartext passwords. This weakness resides in the device’s credential protection mechani...

7.8CVSS6.4AI score0.07655EPSS