CVE-2013-3613

Dahuasecurity Dvr0404hd-a - Authentication Bypass

Title source: rule

Description

Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/29673

View on exploitdb

References (1)

[US Government Resource] http://www.kb.cert.org/vuls/id/800094

Scores

EPSS 0.0849

EPSS Percentile 92.2%

Classification

CWE

CWE-287

Status draft

Affected Products (50)

dahuasecurity/dvr0404hd-a

dahuasecurity/dvr0404hd-l

dahuasecurity/dvr0404hd-s

dahuasecurity/dvr0404hd-u

dahuasecurity/dvr0404hf-a-e

dahuasecurity/dvr0404hf-al-e

dahuasecurity/dvr0404hf-s-e

dahuasecurity/dvr0404hf-u-e

dahuasecurity/dvr0804

dahuasecurity/dvr0804hd-l

dahuasecurity/dvr0804hd-s

dahuasecurity/dvr0804hf-a-e

dahuasecurity/dvr0804hf-al-e

dahuasecurity/dvr0804hf-l-e

dahuasecurity/dvr0804hf-s-e

... and 35 more

Timeline

Published Sep 17, 2013

Tracked Since Feb 18, 2026