Vulnerability CVE-2013-3612


Published: 2013-09-17

Description:
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.

Type:

CWE-255

(Credentials Management)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Dahuasecurity -> Dvr0804hf-u-e 
Dahuasecurity -> Dvr2116c 
Dahuasecurity -> Dvr5108h 
Dahuasecurity -> Dvr5816 
Dahuasecurity -> Dvr0404hd-a 
Dahuasecurity -> Dvr1604hd-l 
Dahuasecurity -> Dvr2116h 
Dahuasecurity -> Dvr5108he 
Dahuasecurity -> Dvr6404lf-s 
Dahuasecurity -> Dvr0404hd-l 
Dahuasecurity -> Dvr1604hd-s 
Dahuasecurity -> Dvr2116hc 
Dahuasecurity -> Dvr5116c 
Dahuasecurity -> Dvr0404hd-s 
Dahuasecurity -> Dvr1604hf-a-e 
Dahuasecurity -> Dvr2116he 
Dahuasecurity -> Dvr5116h 
Dahuasecurity -> Dvr0404hd-u 
Dahuasecurity -> Dvr1604hf-al-e 
Dahuasecurity -> Dvr2404hf-s 
Dahuasecurity -> Dvr5116he 
Dahuasecurity -> Dvr0404hf-a-e 
Dahuasecurity -> Dvr1604hf-l-e 
Dahuasecurity -> Dvr2404lf-al 
Dahuasecurity -> Dvr5204a 
Dahuasecurity -> Dvr0404hf-al-e 
Dahuasecurity -> Dvr1604hf-s-e 
Dahuasecurity -> Dvr2404lf-s 
Dahuasecurity -> Dvr5204l 
Dahuasecurity -> Dvr0404hf-s-e 
Dahuasecurity -> Dvr1604hf-u-e 
Dahuasecurity -> Dvr3204hf-s 
Dahuasecurity -> Dvr5208a 
Dahuasecurity -> Dvr0404hf-u-e 
Dahuasecurity -> Dvr2104c 
Dahuasecurity -> Dvr3204lf-al 
Dahuasecurity -> Dvr5208l 
Dahuasecurity -> Dvr0804 
Dahuasecurity -> Dvr2104h 
Dahuasecurity -> Dvr3204lf-s 
Dahuasecurity -> Dvr5216a 
Dahuasecurity -> Dvr0804hd-l 
Dahuasecurity -> Dvr2104hc 
Dahuasecurity -> Dvr3224l 
Dahuasecurity -> Dvr5216l 
Dahuasecurity -> Dvr0804hd-s 
Dahuasecurity -> Dvr2104he 
Dahuasecurity -> Dvr3232l 
Dahuasecurity -> Dvr5404 
Dahuasecurity -> Dvr0804hf-a-e 
Dahuasecurity -> Dvr2108c 
Dahuasecurity -> Dvr5104c 
Dahuasecurity -> Dvr5408 
Dahuasecurity -> Dvr0804hf-al-e 
Dahuasecurity -> Dvr2108h 
Dahuasecurity -> Dvr5104h 
Dahuasecurity -> Dvr5416 
Dahuasecurity -> Dvr0804hf-l-e 
Dahuasecurity -> Dvr2108hc 
Dahuasecurity -> Dvr5104he 
Dahuasecurity -> Dvr5804 
Dahuasecurity -> Dvr0804hf-s-e 
Dahuasecurity -> Dvr2108he 
Dahuasecurity -> Dvr5108c 
Dahuasecurity -> Dvr5808 

 References:
http://www.kb.cert.org/vuls/id/800094

Copyright 2024, cxsecurity.com

 

Back to Top