CVSS: 9.8EPSS: 0%CPEs: 56EXPL: 0CVE-2021-33046
https://notcve.org/view.php?id=CVE-2021-33046
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords. Algunos productos Dahua presentan una vulnerabilidad de control de acceso en el proceso de restablecimiento de la contraseña. Los atacantes pueden explotar esta vulnerabilidad mediante implementaciones específicas para restablecer las contraseñas de los dispositivos • https://support.dahuatech.com/networkSecurity/securityDetails?id=95 https://www.dahuasecurity.com/support/cybersecurity/details/957 https://www.dahuasecurity.com/support/cybersecurity/details/987 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 93%CPEs: 38EXPL: 2CVE-2021-33045 – Dahua IP Camera Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-33045
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. Una vulnerabilidad de omisión de autenticación de identidad encontrada en algunos productos Dahua durante el proceso de inicio de sesión. Los atacantes pueden omitir la autenticación de identidad del dispositivo al construir paquetes de datos maliciosos Various Dahua products suffers from multiple authentication bypass vulnerabilities. Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication. • http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html http://seclists.org/fulldisclosure/2021/Oct/13 https://www.dahuasecurity.com/support/cybersecurity/details/957 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 95%CPEs: 38EXPL: 4CVE-2021-33044 – Dahua IP Camera Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-33044
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. Una vulnerabilidad de omisión de autenticación de identidad encontrada en algunos productos Dahua durante el proceso de inicio de sesión. Los atacantes pueden omitir la autenticación de la identidad del dispositivo al construir paquetes de datos maliciosos Various Dahua products suffers from multiple authentication bypass vulnerabilities. Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication. • https://github.com/dorkerdevil/CVE-2021-33044 https://github.com/haingn/LoHongCam-CVE-2021-33044 http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html http://seclists.org/fulldisclosure/2021/Oct/13 https://www.dahuasecurity.com/support/cybersecurity/details/957 • CWE-287: Improper Authentication •