CVE-2021-33045
15.09.2021, 22:15
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.Enginsight
Vendor | Product | Version |
---|---|---|
dahuasecurity | ipc-hum7xxx_firmware | 𝑥 < 2.820.0000000.5.r.210705 |
dahuasecurity | ipc-hx3xxx_firmware | 𝑥 < 2.800.0000000.29.r.210630 |
dahuasecurity | ipc-hx5xxx_firmware | 𝑥 < 2.820.0000000.5.r.210705 |
dahuasecurity | nvr-1xxx_firmware | 𝑥 < 4.001.0000005.1.r.210709 |
dahuasecurity | nvr-2xxx_firmware | 𝑥 < 4.001.0000000.1.r.210710 |
dahuasecurity | nvr-4xxx_firmware | 𝑥 < 4.001.0000005.1.r.210713 |
dahuasecurity | nvr-5xxx_firmware | 𝑥 < 4.001.0000000.0.r.210710 |
dahuasecurity | nvr-6xx_firmware | 𝑥 < 4.001.0000001.1.r.210716 |
dahuasecurity | vth-542xh_firmware | 𝑥 < 4.500.0000002.0.r.210715 |
dahuasecurity | vto-65xxx_firmware | 𝑥 < 4.300.0000004.0.r.210715 |
dahuasecurity | vto-75x95x_firmware | 𝑥 < 4.300.0000003.0.r.210714 |
dahuasecurity | xvr-4x04_firmware | - |
dahuasecurity | xvr-4x08_firmware | 𝑥 < 4.001.0000001.1.r.210709 |
dahuasecurity | xvr-4x04_firmware | 𝑥 < 4.001.0000001.1.r.210709 |
dahuasecurity | xvr-5x04_firmware | 𝑥 < 4.001.0000003.1.r.210710 |
dahuasecurity | xvr-5x08_firmware | 𝑥 < 4.001.0000003.1.r.210710 |
dahuasecurity | xvr-5x16_firmware | 𝑥 < 4.001.0000003.1.r.210710 |
dahuasecurity | xvr-7x16_firmware | 𝑥 < 4.001.0000003.1.r.210710 |
dahuasecurity | xvr-7x32_firmware | 𝑥 < 4.001.0000003.1.r.210710 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References