CVE-2017-9316
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device to receive only specific data (one direction, no transmit) and therefore it was not involved in any instance of collecting user privacy data or allowing remote code execution.
Se ha encontrado una vulnerabilidad de omisión de autenticación de actualización de firmware en Dahua IPC-HDW4300S y algunos productos IP. La vulnerabilidad fue provocada por la función interna de depuración. Esta función en particular fue empleada para analizar problemas y ajustar el rendimiento durante la fase de desarrollo del producto. Permitía que el dispositivo reciba solo datos específicos (una dirección, sin transmitir) y, por lo tanto, no estaba implicada en ninguna instancia de recolección de datos privados del usuario o de permisión de ejecución remota de código.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-05-30 CVE Reserved
- 2017-11-27 CVE Published
- 2024-07-31 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.dahuasecurity.com/annoucementsingle/security-advisory--high-risk-vulnerability-found-in-dahua-ipc-hdw4300s-and-some-ip-products_14731_231.html | 2017-12-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.0.r.20150206 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.0.r.20150206" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.1.r.20150420 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.1.r.20150420" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.2.r.20150715 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.2.r.20150715" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.3.r.20150921 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.3.r.20150921" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20160409 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20160409" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20160603 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20160603" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20160803 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20160803" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20161226 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20161226" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20170305 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20170305" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Firmware Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" | 3.210.0000.5.r.20170321 Search vendor "Dahuasecurity" for product "Nvr11hs Firmware" and version "3.210.0000.5.r.20170321" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Nvr11hs Search vendor "Dahuasecurity" for product "Nvr11hs" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.240.0009.0.r.20131015 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.240.0009.0.r.20131015" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.400.0000.0.r.20131231 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.400.0000.0.r.20131231" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0000.0.r.20140419 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0000.0.r.20140419" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0002.0.r.20140621 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0002.0.r.20140621" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0002.0.r.20140724 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0002.0.r.20140724" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0005.0.r.20141205 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0005.0.r.20141205" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0007.0.r.20150409 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0007.0.r.20150409" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" | 2.420.0008.0.r.20150710 Search vendor "Dahuasecurity" for product "Ipc-hdw4300s Firmware" and version "2.420.0008.0.r.20150710" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4300s Search vendor "Dahuasecurity" for product "Ipc-hdw4300s" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hfw4x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hfw4x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw4x00 Search vendor "Dahuasecurity" for product "Ipc-hfw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hfw4x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hfw4x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw4x00 Search vendor "Dahuasecurity" for product "Ipc-hfw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hdw4x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4x00 Search vendor "Dahuasecurity" for product "Ipc-hdw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw4x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hdw4x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw4x00 Search vendor "Dahuasecurity" for product "Ipc-hdw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw4x00 Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw4x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw4x00 Search vendor "Dahuasecurity" for product "Ipc-hdbw4x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hf5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hf5x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hf5x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hf5x00 Search vendor "Dahuasecurity" for product "Ipc-hf5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hf5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hf5x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hf5x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hf5x00 Search vendor "Dahuasecurity" for product "Ipc-hf5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hfw5x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hfw5x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw5x00 Search vendor "Dahuasecurity" for product "Ipc-hfw5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hfw5x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hfw5x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hfw5x00 Search vendor "Dahuasecurity" for product "Ipc-hfw5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw5x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hdw5x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw5x00 Search vendor "Dahuasecurity" for product "Ipc-hdw5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdw5x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hdw5x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdw5x00 Search vendor "Dahuasecurity" for product "Ipc-hdw5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00 Firmware" | 2.400.0000.3.r.20150312 Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00 Firmware" and version "2.400.0000.3.r.20150312" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw5x00 Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00" | - | - |
Safe
|
| Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw5x00 Firmware Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00 Firmware" | 2.420.0006.0.r.20150311 Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00 Firmware" and version "2.420.0006.0.r.20150311" | - |
Affected
| in | Dahuasecurity Search vendor "Dahuasecurity" | Ipc-hdbw5x00 Search vendor "Dahuasecurity" for product "Ipc-hdbw5x00" | - | - |
Safe
|