Search
Find a vulnerability
Search criteria
2 vulnerabilities found for dvr_firmware by dahuasecurity
CVE-2013-6117 (GCVE-0-2013-6117)
Vulnerability from nvd – Published: 2014-07-11 19:00 – Updated: 2024-08-06 17:29
VLAI
Summary
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://seclists.org/bugtraq/2013/Nov/62 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/99783 | vdb-entryx_refsource_OSVDB |
| http://packetstormsecurity.com/files/124022/Dahua… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/29673 | exploitx_refsource_EXPLOIT-DB |
| http://blog.depthsecurity.com/2013/11/dahua-dvr-a… | x_refsource_MISC |
Date Public
2013-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/99783"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-11T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/99783"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/99783"
},
{
"name": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"name": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html",
"refsource": "MISC",
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6117",
"datePublished": "2014-07-11T19:00:00.000Z",
"dateReserved": "2013-10-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:29:42.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6117 (GCVE-0-2013-6117)
Vulnerability from cvelistv5 – Published: 2014-07-11 19:00 – Updated: 2024-08-06 17:29
VLAI
Summary
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://seclists.org/bugtraq/2013/Nov/62 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/99783 | vdb-entryx_refsource_OSVDB |
| http://packetstormsecurity.com/files/124022/Dahua… | x_refsource_MISC |
| http://www.exploit-db.com/exploits/29673 | exploitx_refsource_EXPLOIT-DB |
| http://blog.depthsecurity.com/2013/11/dahua-dvr-a… | x_refsource_MISC |
Date Public
2013-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/99783"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-11T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/99783"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131113 Dahua DVR Authentication Bypass - CVE-2013-6117",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2013/Nov/62"
},
{
"name": "99783",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/99783"
},
{
"name": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html"
},
{
"name": "29673",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/29673"
},
{
"name": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html",
"refsource": "MISC",
"url": "http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6117",
"datePublished": "2014-07-11T19:00:00.000Z",
"dateReserved": "2013-10-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:29:42.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}