CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-44954
https://notcve.org/view.php?id=CVE-2021-44954
In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration. En QVIS NVR DVR versiones anteriores a 13-12-2021, un atacante puede escalar los privilegios de un usuario qvisdvr al usuario root al abusar de una configuración errónea de Sudo • https://gist.github.com/Meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/a670418d51051d4e6513d86e84e8d5b8 https://twitter.com/Me9187/status/1414906288287404039 •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 2CVE-2021-41419
https://notcve.org/view.php?id=CVE-2021-41419
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. QVIS NVR DVR versiones anteriores a 13-12-2021, es vulnerable a una ejecución de código remota por medio de la deserialización de Java • https://gist.github.com/Meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/712ac36c8a08e2698e875169442a23a4 https://github.com/projectdiscovery/nuclei-templates/blob/master/iot/qvisdvr-deserialization-rce.yaml https://twitter.com/Me9187/status/1414904314368348163 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6432
https://notcve.org/view.php?id=CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information. Se ha descubierto un problema en dispositivos Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06. El Dahua DVR Protocol, que opera en el puerto TCP 37777, es un protocolo binario sin cifrar. • https://nullku7.github.io/stuff/exploit/dahua/2017/03/09/dahua-nvr-authbypass.html https://twitter.com/null_ku7/status/839814344351240193 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6342
https://notcve.org/view.php?id=CVE-2017-6342
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117. Dispositivos Dahua DHI-HCVR7216A-S3 con NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29 y SmartPSS Software 1.16.1 2017-01-19 envian el MD5 o SHA-256 Admin Hash durante el inicio de sesión automático de SmartPSS, esto podría permitir a atacantes remotos obtener información sensible rastreando la red y llevando a cabo un ataque a tablas rainbow, una vulnerabilidad diferente a CVE-2013-6117. • http://www.securityfocus.com/bid/96454 https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 24%CPEs: 4EXPL: 0CVE-2017-6343
https://notcve.org/view.php?id=CVE-2017-6343
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117. La interfaz web de los dispostivos Dahua DHI-HCVR7216A-S3 con NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29 y SmartPSS Software 1.16.1 2017-01-19 permite a atacantes remotos obtener acceso al inicio de sesión aprovechando el conocimiento de MD5 Admin Hash sin tener conocimiento de la contraseña correspondiente, una vulnerabilidad diferente a CVE-2013-6117. • http://www.securityfocus.com/bid/96449 https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html • CWE-287: Improper Authentication •