CVE-2017-6432

EUVD-2017-15489
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
dahuasecuritynvr_firmware
3.210.0001.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nullku7.github.io/stuff/exploit/dahua/2017/03/09/dahua-nvr-authbypass.html
https://twitter.com/null_ku7/status/839814344351240193
https://nullku7.github.io/stuff/exploit/dahua/2017/03/09/dahua-nvr-authbypass.html
https://twitter.com/null_ku7/status/839814344351240193