Lucene search

[email protected]CVE-2013-5754

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-5754

2022-10-0316:14:54

CWE-264

[email protected]

web.nvd.nist.gov

dahua

dvr

appliances

authorization

vulnerability

cve-2013-5754

nvd

remote attackers

administrative access

hash string

master password

activex

standalone client

cve-2013-3612

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.7%

JSON

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.

Affected configurations

NVD

Node

dahuasecuritydvr0404hd-aMatch-

dahuasecuritydvr0404hd-lMatch-

dahuasecuritydvr0404hd-sMatch-

dahuasecuritydvr0404hd-uMatch-

dahuasecuritydvr0404hf-a-eMatch-

dahuasecuritydvr0404hf-al-eMatch-

dahuasecuritydvr0404hf-s-eMatch-

dahuasecuritydvr0404hf-u-eMatch-

dahuasecuritydvr0804Match-

dahuasecuritydvr0804hd-lMatch-

dahuasecuritydvr0804hd-sMatch-

dahuasecuritydvr0804hf-a-eMatch-

dahuasecuritydvr0804hf-al-eMatch-

dahuasecuritydvr0804hf-l-eMatch-

dahuasecuritydvr0804hf-s-eMatch-

dahuasecuritydvr0804hf-u-eMatch-

dahuasecuritydvr1604hd-lMatch-

dahuasecuritydvr1604hd-sMatch-

dahuasecuritydvr1604hf-a-eMatch-

dahuasecuritydvr1604hf-al-eMatch-

dahuasecuritydvr1604hf-l-eMatch-

dahuasecuritydvr1604hf-s-eMatch-

dahuasecuritydvr1604hf-u-eMatch-

dahuasecuritydvr2104cMatch-

dahuasecuritydvr2104hMatch-

dahuasecuritydvr2104hcMatch-

dahuasecuritydvr2104heMatch-

dahuasecuritydvr2108cMatch-

dahuasecuritydvr2108hMatch-

dahuasecuritydvr2108hcMatch-

dahuasecuritydvr2108heMatch-

dahuasecuritydvr2116cMatch-

dahuasecuritydvr2116hMatch-

dahuasecuritydvr2116hcMatch-

dahuasecuritydvr2116heMatch-

dahuasecuritydvr2404hf-sMatch-

dahuasecuritydvr2404lf-alMatch-

dahuasecuritydvr2404lf-sMatch-

dahuasecuritydvr3204hf-sMatch-

dahuasecuritydvr3204lf-alMatch-

dahuasecuritydvr3204lf-sMatch-

dahuasecuritydvr3224lMatch-

dahuasecuritydvr3232lMatch-

dahuasecuritydvr5104cMatch-

dahuasecuritydvr5104hMatch-

dahuasecuritydvr5104heMatch-

dahuasecuritydvr5108cMatch-

dahuasecuritydvr5108hMatch-

dahuasecuritydvr5108heMatch-

dahuasecuritydvr5116cMatch-

dahuasecuritydvr5116hMatch-

dahuasecuritydvr5116heMatch-

dahuasecuritydvr5204aMatch-

dahuasecuritydvr5204lMatch-

dahuasecuritydvr5208aMatch-

dahuasecuritydvr5208lMatch-

dahuasecuritydvr5216aMatch-

dahuasecuritydvr5216lMatch-

dahuasecuritydvr5404Match-

dahuasecuritydvr5408Match-

dahuasecuritydvr5416Match-

dahuasecuritydvr5804Match-

dahuasecuritydvr5808Match-

dahuasecuritydvr5816Match-

dahuasecuritydvr6404lf-sMatch-

CPENameOperatorVersion
dahuasecurity:dvr0404hd-adahuasecurity dvr0404hd-aeq-
dahuasecurity:dvr0404hd-ldahuasecurity dvr0404hd-leq-
dahuasecurity:dvr0404hd-sdahuasecurity dvr0404hd-seq-
dahuasecurity:dvr0404hd-udahuasecurity dvr0404hd-ueq-
dahuasecurity:dvr0404hf-a-edahuasecurity dvr0404hf-a-eeq-
dahuasecurity:dvr0404hf-al-edahuasecurity dvr0404hf-al-eeq-
dahuasecurity:dvr0404hf-s-edahuasecurity dvr0404hf-s-eeq-
dahuasecurity:dvr0404hf-u-edahuasecurity dvr0404hf-u-eeq-
dahuasecurity:dvr0804dahuasecurity dvr0804eq-
dahuasecurity:dvr0804hd-ldahuasecurity dvr0804hd-leq-

CPE	Name	Operator	Version
dahuasecurity:dvr0404hd-a	dahuasecurity dvr0404hd-a	eq	-
dahuasecurity:dvr0404hd-l	dahuasecurity dvr0404hd-l	eq	-
dahuasecurity:dvr0404hd-s	dahuasecurity dvr0404hd-s	eq	-
dahuasecurity:dvr0404hd-u	dahuasecurity dvr0404hd-u	eq	-
dahuasecurity:dvr0404hf-a-e	dahuasecurity dvr0404hf-a-e	eq	-
dahuasecurity:dvr0404hf-al-e	dahuasecurity dvr0404hf-al-e	eq	-
dahuasecurity:dvr0404hf-s-e	dahuasecurity dvr0404hf-s-e	eq	-
dahuasecurity:dvr0404hf-u-e	dahuasecurity dvr0404hf-u-e	eq	-
dahuasecurity:dvr0804	dahuasecurity dvr0804	eq	-
dahuasecurity:dvr0804hd-l	dahuasecurity dvr0804hd-l	eq	-