CVE-2021-33044

Warnung

Exploit

EPSS 94.27%
Veröffentlicht 15.09.2021 22:15:10
Zuletzt bearbeitet 13.01.2026 22:20:28
Quelle cybersecurity@dahuatech.com
CVE-Watchlists
Login
Unerledigt
Login

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dahuasecurity ≫ Ipc-hum7xxx Firmware Version < 2.820.0000000.5.r.210705

Dahuasecurity ≫ Ipc-hum7xxx Version-

Dahuasecurity ≫ Ipc-hx3xxx Firmware Version < 2.800.0000000.29.r.210630

Dahuasecurity ≫ Ipc-hx3xxx Version-

Dahuasecurity ≫ Ipc-hx5xxx Firmware Version < 2.820.0000000.18.r.210705

Dahuasecurity ≫ Ipc-hx5xxx Version-

Dahuasecurity ≫ Sd1a1 Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd1a1 Version-

Dahuasecurity ≫ Sd22 Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd22 Version-

Dahuasecurity ≫ Sd49 Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd49 Version-

Dahuasecurity ≫ Sd50 Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd50 Version-

Dahuasecurity ≫ Sd52c Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd52c Version-

Dahuasecurity ≫ Sd6al Firmware Version < 2.812.0000007.0.r.210706

Dahuasecurity ≫ Sd6al Version-

Dahuasecurity ≫ Tpc-bf1241 Firmware Version < 2.630.0000000.6.r.210707

Dahuasecurity ≫ Tpc-bf1241 Version-

Dahuasecurity ≫ Tpc-bf2221 Firmware Version < 2.630.0000000.10.r.210707

Dahuasecurity ≫ Tpc-bf2221 Version-

Dahuasecurity ≫ Tpc-bf5x01 Firmware Version < 2.630.0000000.12.r.210707

Dahuasecurity ≫ Tpc-bf5x01 Version-

Dahuasecurity ≫ Tpc-pt8x21b Firmware Version < 2.630.0000000.10.r.210701

Dahuasecurity ≫ Tpc-pt8x21b Version-

Dahuasecurity ≫ Tpc-sd2221 Firmware Version <= 2.630.0000000.7.r.210707

Dahuasecurity ≫ Tpc-sd2221 Version-

Dahuasecurity ≫ Tpc-sd8x21 Firmware Version < 2.630.0000000.9.r.210706

Dahuasecurity ≫ Tpc-sd8x21 Version-

Dahuasecurity ≫ Vto-65xxx Firmware Version < 4.300.0000004.0.r.210715

Dahuasecurity ≫ Vto-65xxx Version-

Dahuasecurity ≫ Vto-75x95x Firmware Version < 4.300.0000003.0.r.210714

Dahuasecurity ≫ Vto-75x95x Version-

Dahuasecurity ≫ Vth-542xh Firmware Version < 4.500.0000002.0.r.210715

Dahuasecurity ≫ Vth-542xh Version-

Dahuasecurity ≫ Tpc-bf5x21 Firmware Version < 2.630.0000000.8.r.210630

Dahuasecurity ≫ Tpc-bf5x21 Version-

21.08.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog

Dahua IP Camera Authentication Bypass Vulnerability

Schwachstelle

Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.

Beschreibung

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	94.27%	0.999

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H