Описание
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:dahuasecurity:dvr0404hd-a:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hd-l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hd-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hd-u:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hf-a-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hf-al-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hf-s-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0404hf-u-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hd-l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hd-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hf-a-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hf-al-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hf-l-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hf-s-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr0804hf-u-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hd-l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hd-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hf-a-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hf-al-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hf-l-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hf-s-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr1604hf-u-e:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2104c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2104h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2104hc:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2104he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2108c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2108h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2108hc:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2108he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2116c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2116h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2116hc:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2116he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2404hf-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2404lf-al:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr2404lf-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr3204hf-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr3204lf-al:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr3204lf-s:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr3224l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr3232l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5104c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5104h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5104he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5108c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5108h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5108he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5116c:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5116h:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5116he:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5204a:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5204l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5208a:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5208l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5216a:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5216l:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5404:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5408:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5416:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5804:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5808:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr5816:-:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dvr6404lf-s:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08487
Низкий
7.8 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
EPSS
Процентиль: 92%
0.08487
Низкий
7.8 High
CVSS2
Дефекты
CWE-287