Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDahuasecurity Asc2204c
HWDahuasecuritywszystkie wersjeDahuasecurity Asc2204c Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Hcvr7xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Hcvr7xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Hcvr8xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Hcvr8xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Ipc Hx1xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx1xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Ipc Hx2xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx2xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Ipc Hx3xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx3xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Ipc Hx5\(4\)\(3\)xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx5\(4\)\(3\)xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Ipc Hx5xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Ipc Hx5xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Nvr1xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr1xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Nvr2xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr2xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Nvr4xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr4xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Nvr5xxx
HWDahuasecuritywszystkie wersjeDahuasecurity Nvr5xxx Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Sd1a1
HWDahuasecuritywszystkie wersjeDahuasecurity Sd1a1 Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Sd22
HWDahuasecuritywszystkie wersjeDahuasecurity Sd22 Firmware
OSDahuasecurity2017-7 β 2021-7Dahuasecurity Sd49
HWDahuasecuritywszystkie wersjeDahuasecurity Sd49 Firmware
OSDahuasecurity2017-7 β 2021-7
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References
Related vulnerabilities
CVE-2021-33044CRITICAL9.8β KEVten sam produkt
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attack...
CVE-2021-33045CRITICAL9.8β KEVten sam produkt
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attack...
CVE-2020-9502CRITICAL9.8ten sam produkt
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During n...
CVE-2019-9682HIGH8.1ten sam produkt
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to ...
CVE-2020-9499HIGH7.2ten sam produkt
Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the...