CVE-2013-3613

Dahuasecurity Dvr0404hd-a - Authentication Bypass

Title source: rule

Description

Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/29673

View Code ZIP pw:eip

References (1)

Core 1

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/800094

Scores

EPSS 0.1202

EPSS Percentile 93.8%

Details

CWE

CWE-287

Status published

Products (50)

dahuasecurity/dvr0404hd-a

dahuasecurity/dvr0404hd-l

dahuasecurity/dvr0404hd-s

dahuasecurity/dvr0404hd-u

dahuasecurity/dvr0404hf-a-e

dahuasecurity/dvr0404hf-al-e

dahuasecurity/dvr0404hf-s-e

dahuasecurity/dvr0404hf-u-e

dahuasecurity/dvr0804

dahuasecurity/dvr0804hd-l

... and 40 more

Published Sep 17, 2013

Tracked Since Feb 18, 2026