TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2021-33046

CRITICAL
9.8

Beschreibung

Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.

CVE Details

CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht1/13/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

dahuasecurity:asc2204cdahuasecurity:asc2204c_firmwaredahuasecurity:hcvr7xxxdahuasecurity:hcvr7xxx_firmwaredahuasecurity:hcvr8xxxdahuasecurity:hcvr8xxx_firmwaredahuasecurity:ipc-hx1xxxdahuasecurity:ipc-hx1xxx_firmwaredahuasecurity:ipc-hx2xxxdahuasecurity:ipc-hx2xxx_firmwaredahuasecurity:ipc-hx3xxxdahuasecurity:ipc-hx3xxx_firmwaredahuasecurity:ipc-hx5\(4\)\(3\)xxxdahuasecurity:ipc-hx5\(4\)\(3\)xxx_firmwaredahuasecurity:ipc-hx5xxxdahuasecurity:ipc-hx5xxx_firmwaredahuasecurity:nvr1xxxdahuasecurity:nvr1xxx_firmwaredahuasecurity:nvr2xxxdahuasecurity:nvr2xxx_firmwaredahuasecurity:nvr4xxxdahuasecurity:nvr4xxx_firmwaredahuasecurity:nvr5xxxdahuasecurity:nvr5xxx_firmwaredahuasecurity:sd1a1dahuasecurity:sd1a1_firmwaredahuasecurity:sd22dahuasecurity:sd22_firmwaredahuasecurity:sd49dahuasecurity:sd49_firmwaredahuasecurity:sd50dahuasecurity:sd50_firmwaredahuasecurity:sd52cdahuasecurity:sd52c_firmwaredahuasecurity:sd6aldahuasecurity:sd6al_firmwaredahuasecurity:tpc-bf1241dahuasecurity:tpc-bf1241_firmwaredahuasecurity:tpc-bf2221dahuasecurity:tpc-bf2221_firmwaredahuasecurity:tpc-bf5x01dahuasecurity:tpc-bf5x01_firmwaredahuasecurity:tpc-pt8x21xdahuasecurity:tpc-pt8x21x_firmwaredahuasecurity:tpc-sd2221dahuasecurity:tpc-sd2221_firmwaredahuasecurity:tpc-sd8x21dahuasecurity:tpc-sd8x21_firmwaredahuasecurity:vtox20xfdahuasecurity:vtox20xf_firmwaredahuasecurity:xvr4xxxdahuasecurity:xvr4xxx_firmwaredahuasecurity:xvr5xxxdahuasecurity:xvr5xxx_firmwaredahuasecurity:xvr7xxxdahuasecurity:xvr7xxx_firmware

Schwachen (CWE)

CWE-287

Referenzen

https://support.dahuatech.com/networkSecurity/securityDetails?id=95(cybersecurity@dahuatech.com)
https://www.dahuasecurity.com/support/cybersecurity/details/957(cybersecurity@dahuatech.com)
https://www.dahuasecurity.com/support/cybersecurity/details/987(cybersecurity@dahuatech.com)
https://support.dahuatech.com/networkSecurity/securityDetails?id=95(af854a3a-2127-422b-91ae-364da2661108)
https://www.dahuasecurity.com/support/cybersecurity/details/957(af854a3a-2127-422b-91ae-364da2661108)
https://www.dahuasecurity.com/support/cybersecurity/details/987(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.