CVE-2021-33045

Warnung

Exploit

EPSS 94.17%
Veröffentlicht 15.09.2021 22:15:10
Zuletzt bearbeitet 13.01.2026 22:20:20
Quelle cybersecurity@dahuatech.com
CVE-Watchlists
Login
Unerledigt
Login

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dahuasecurity ≫ Ipc-hum7xxx Firmware Version < 2.820.0000000.5.r.210705

Dahuasecurity ≫ Ipc-hum7xxx Version-

Dahuasecurity ≫ Ipc-hx3xxx Firmware Version < 2.800.0000000.29.r.210630

Dahuasecurity ≫ Ipc-hx3xxx Version-

Dahuasecurity ≫ Ipc-hx5xxx Firmware Version < 2.820.0000000.5.r.210705

Dahuasecurity ≫ Ipc-hx5xxx Version-

Dahuasecurity ≫ Nvr-1xxx Firmware Version < 4.001.0000005.1.r.210709

Dahuasecurity ≫ Nvr-1xxx Version-

Dahuasecurity ≫ Nvr-2xxx Firmware Version < 4.001.0000000.1.r.210710

Dahuasecurity ≫ Nvr-2xxx Version-

Dahuasecurity ≫ Nvr-4xxx Firmware Version < 4.001.0000005.1.r.210713

Dahuasecurity ≫ Nvr-4xxx Version-

Dahuasecurity ≫ Nvr-5xxx Firmware Version < 4.001.0000000.0.r.210710

Dahuasecurity ≫ Nvr-5xxx Version-

Dahuasecurity ≫ Nvr-6xx Firmware Version < 4.001.0000001.1.r.210716

Dahuasecurity ≫ Nvr-6xx Version-

Dahuasecurity ≫ Vth-542xh Firmware Version < 4.500.0000002.0.r.210715

Dahuasecurity ≫ Vth-542xh Version-

Dahuasecurity ≫ Vto-65xxx Firmware Version < 4.300.0000004.0.r.210715

Dahuasecurity ≫ Vto-65xxx Version-

Dahuasecurity ≫ Vto-75x95x Firmware Version < 4.300.0000003.0.r.210714

Dahuasecurity ≫ Vto-75x95x Version-

Dahuasecurity ≫ Xvr-4x04 Firmware Version-

Dahuasecurity ≫ Xvr-4x04 Version-

Dahuasecurity ≫ Xvr-4x08 Firmware Version < 4.001.0000001.1.r.210709

Dahuasecurity ≫ Xvr-4x08 Version-

Dahuasecurity ≫ Xvr-4x04 Firmware Version < 4.001.0000001.1.r.210709

Dahuasecurity ≫ Xvr-4x04 Version-

Dahuasecurity ≫ Xvr-5x04 Firmware Version < 4.001.0000003.1.r.210710

Dahuasecurity ≫ Xvr-5x04 Version-

Dahuasecurity ≫ Xvr-5x08 Firmware Version < 4.001.0000003.1.r.210710

Dahuasecurity ≫ Xvr-5x08 Version-

Dahuasecurity ≫ Xvr-5x16 Firmware Version < 4.001.0000003.1.r.210710

Dahuasecurity ≫ Xvr-5x16 Version-

Dahuasecurity ≫ Xvr-7x16 Firmware Version < 4.001.0000003.1.r.210710

Dahuasecurity ≫ Xvr-7x16 Version-

Dahuasecurity ≫ Xvr-7x32 Firmware Version < 4.001.0000003.1.r.210710

Dahuasecurity ≫ Xvr-7x32 Version-

21.08.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog

Dahua IP Camera Authentication Bypass Vulnerability

Schwachstelle

Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.

Beschreibung

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	94.17%	0.999

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H