CVE-2021-33044 – Dahua IP Camera Authentication Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2021-33044

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. Una vulnerabilidad de omisión de autenticación de identidad encontrada en algunos productos Dahua durante el proceso de inicio de sesión. Los atacantes pueden omitir la autenticación de la identidad del dispositivo al construir paquetes de datos maliciosos Various Dahua products suffers from multiple authentication bypass vulnerabilities. Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication. • https://github.com/dorkerdevil/CVE-2021-33044 https://github.com/haingn/LoHongCam-CVE-2021-33044 http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html http://seclists.org/fulldisclosure/2021/Oct/13 https://www.dahuasecurity.com/support/cybersecurity/details/957 • CWE-287: Improper Authentication •