CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6432
https://notcve.org/view.php?id=CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information. Se ha descubierto un problema en dispositivos Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06. El Dahua DVR Protocol, que opera en el puerto TCP 37777, es un protocolo binario sin cifrar. • https://nullku7.github.io/stuff/exploit/dahua/2017/03/09/dahua-nvr-authbypass.html https://twitter.com/null_ku7/status/839814344351240193 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6342
https://notcve.org/view.php?id=CVE-2017-6342
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117. Dispositivos Dahua DHI-HCVR7216A-S3 con NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29 y SmartPSS Software 1.16.1 2017-01-19 envian el MD5 o SHA-256 Admin Hash durante el inicio de sesión automático de SmartPSS, esto podría permitir a atacantes remotos obtener información sensible rastreando la red y llevando a cabo un ataque a tablas rainbow, una vulnerabilidad diferente a CVE-2013-6117. • http://www.securityfocus.com/bid/96454 https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 24%CPEs: 4EXPL: 0CVE-2017-6343
https://notcve.org/view.php?id=CVE-2017-6343
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117. La interfaz web de los dispostivos Dahua DHI-HCVR7216A-S3 con NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29 y SmartPSS Software 1.16.1 2017-01-19 permite a atacantes remotos obtener acceso al inicio de sesión aprovechando el conocimiento de MD5 Admin Hash sin tener conocimiento de la contraseña correspondiente, una vulnerabilidad diferente a CVE-2013-6117. • http://www.securityfocus.com/bid/96449 https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6341
https://notcve.org/view.php?id=CVE-2017-6341
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interfaces, which allows remote attackers to obtain sensitive information by sniffing the network, a different vulnerability than CVE-2013-6117. Dispositivos Dahua DHI-HCVR7216A-S3 con NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29 y SmartPSS Software 1.16.1 2017-01-19 envia contraseñas en texto plano en respuesta a las solicitudes de la página web, aplicaciones móviles e interfaces de aplicaciones de escritorio, lo que permite a atacantes remotos obtener información sensible rastreando la red, una vulnerabilidad diferente a CVE-2013-6117. • http://www.securityfocus.com/bid/96456 https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html https://twitter.com/null_ku7/status/835649185168838657 • CWE-319: Cleartext Transmission of Sensitive Information •