CVE-2013-6117

EXPLOITED

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Unauthenticated Authentication Bypass via TCP Port 37777

Title source: llm

Exploitation Summary

CVE-2013-6117 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 4 public exploits from researchers including Jake Reynolds, milo2012, and fsn4k3, among them the Metasploit module auxiliary/scanner/misc/dahua_dvr_auth_bypass.

AI-analyzed exploit summary: This is a Metasploit module that exploits an authentication bypass vulnerability in Dahua DVRs by sending crafted binary protocol commands to TCP port 37777. It can extract sensitive information (e.g., credentials, firmware version) and perform actions like password resets and log clearing without authentication.

Description

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allow remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

Exploits (4)

exploitdb WORKING POC
by Jake Reynolds · text · webapps · hardware
https://www.exploit-db.com/exploits/29673

This is a Metasploit module that exploits an authentication bypass vulnerability in Dahua DVRs by sending crafted binary protocol commands to TCP port 37777. It can extract sensitive information (e.g., credentials, firmware version) and perform actions like password resets and log clearing without authentication.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Dahua web-enabled DVRs (v2.608.0000.0 and 2.608.GV00.0)
No auth needed
Prerequisites: Network access to TCP port 37777 on the target DVR
devstral-2 · analyzed Feb 18, 2026

nomisec WORKING POC 8 stars
by milo2012 · remote
https://github.com/milo2012/CVE-2013-6117

This Go-based exploit targets CVE-2013-6117, an authentication bypass vulnerability in Dahua DVR devices. It sends a crafted packet to port 37777 to extract DDNS credentials (username/password) from vulnerable devices.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Dahua DVR (multiple versions)
No auth needed
Prerequisites: Network access to port 37777 on target device
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by fsn4k3 · poc
https://github.com/fsn4k3/dahua-dvr-metasploit

This Metasploit module exploits CVE-2013-6117, an authentication bypass vulnerability in Dahua DVR devices. It interacts with the binary TCP protocol on port 37777 to extract sensitive information (version, serial, email settings, etc.) and optionally resets user passwords or clears logs.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Dahua DVR (various firmware versions)
No auth needed
Prerequisites: Network access to port 37777 (or HTTP fallback ports)
devstral-2 · analyzed Jun 04, 2026

metasploit WORKING POC
by Tyler Bennett - Talos Consulting, Jake Reynolds - Depth Security · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/dahua_dvr_auth_bypass.rb

This Metasploit module exploits an authentication bypass vulnerability in Dahua DVR devices (CVE-2013-6117) by sending crafted binary payloads to port 37777. It can extract sensitive information (version, serial, user credentials, etc.) and optionally reset passwords or clear logs.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Dahua DVR (various versions)
No auth needed
Prerequisites: Network access to the target device on port 37777
devstral-2 · analyzed Feb 19, 2026

References (5)

Core References
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/bugtraq/2013/Nov/62
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/99783
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/29673

Scores

EPSS 0.7071
EPSS Percentile 99.3%

Details

VulnCheck KEV 2025-02-27
CWE CWE-287
Status published
Products (2)
dahuasecurity/dvr_firmware 2.608.0000.0
dahuasecurity/dvr_firmware 2.608.gv00.0
Published Jul 11, 2014
Tracked Since Feb 18, 2026