CVE-2013-3612

Dahuasecurity Dvr0404hd-a - Credentials Management

Title source: rule

Description

Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/29673

View Code ZIP pw:eip

References (1)

[US Government Resource] http://www.kb.cert.org/vuls/id/800094

Scores

EPSS 0.1209

EPSS Percentile 93.8%

Details

CWE

CWE-255

Status published

Products (50)

dahuasecurity/dvr0404hd-a

dahuasecurity/dvr0404hd-l

dahuasecurity/dvr0404hd-s

dahuasecurity/dvr0404hd-u

dahuasecurity/dvr0404hf-a-e

dahuasecurity/dvr0404hf-al-e

dahuasecurity/dvr0404hf-s-e

dahuasecurity/dvr0404hf-u-e

dahuasecurity/dvr0804

dahuasecurity/dvr0804hd-l

... and 40 more

Published Sep 17, 2013

Tracked Since Feb 18, 2026