The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDahuasecurity Ipc Hum7xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hum7xxx Firmware
OSDahuasecurity< 2.820.0000000.5.r.210705Dahuasecurity Ipc Hx3xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx3xxx Firmware
OSDahuasecurity< 2.800.0000000.29.r.210630Dahuasecurity Ipc Hx5xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx5xxx Firmware
OSDahuasecurity< 2.820.0000000.5.r.210705Dahuasecurity Nvr 1xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr 1xxx Firmware
OSDahuasecurity< 4.001.0000005.1.r.210709Dahuasecurity Nvr 2xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr 2xxx Firmware
OSDahuasecurity< 4.001.0000000.1.r.210710Dahuasecurity Nvr 4xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr 4xxx Firmware
OSDahuasecurity< 4.001.0000005.1.r.210713Dahuasecurity Nvr 5xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr 5xxx Firmware
OSDahuasecurity< 4.001.0000000.0.r.210710Dahuasecurity Nvr 6xx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr 6xx Firmware
OSDahuasecurity< 4.001.0000001.1.r.210716Dahuasecurity Vth 542xh
HWDahuasecuritywszystkie wersjeDahuasecurity Vth 542xh Firmware
OSDahuasecurity< 4.500.0000002.0.r.210715Dahuasecurity Vto 65xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Vto 65xxx Firmware
OSDahuasecurity< 4.300.0000004.0.r.210715Dahuasecurity Vto 75x95x
HWDahuasecuritywszystkie wersjeDahuasecurity Vto 75x95x Firmware
OSDahuasecurity< 4.300.0000003.0.r.210714Dahuasecurity Xvr 4x04
HWDahuasecuritywszystkie wersjeDahuasecurity Xvr 4x04 Firmware
OSDahuasecurity< 4.001.0000001.1.r.210709Dahuasecurity Xvr 4x08
HWDahuasecuritywszystkie wersjeDahuasecurity Xvr 4x08 Firmware
OSDahuasecurity< 4.001.0000001.1.r.210709Dahuasecurity Xvr 5x04
HWDahuasecuritywszystkie wersjeDahuasecurity Xvr 5x04 Firmware
OSDahuasecurity< 4.001.0000003.1.r.210710Dahuasecurity Xvr 5x08
HWDahuasecuritywszystkie wersjeDahuasecurity Xvr 5x08 Firmware
OSDahuasecurity< 4.001.0000003.1.r.210710
CISA KEV — szczegółyi
- Dostawcai
- Dahua
- Produkti
- IP Camera Firmware
- Data dodania do KEVi
- 21 sierpnia 2024
- Termin remediation (USA)i
- 11 września 2024(po terminie)
Zastosuj mitygacje zgodnie z instrukcjami producenta lub zaprzestań użytkowania produktu, jeśli mitygacje nie są dostępne.
▸ Pokaż oryginał (EN)
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Kamery IP Dahua i powiązane produkty zawierają lukę w uwierzytelnianiu, gdy urządzenie pętli zwrotnej jest określone przez klienta podczas uwierzytelniania.
▸ Pokaż oryginał (EN)
Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.
Powiązane podatności
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attack...
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit thi...
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During n...
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a...
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the S...