CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-33045

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.941

EPSS Ranking 99.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

Proposed Action

Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.

Ransomware Campaign

Unknown

References

Products affected by CVE-2021-33045

Dahuasecurity » Ipc-Hum7xxx » Version: N/A

cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-
Dahuasecurity » Ipc-Hx3xxx » Version: N/A

cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-
Dahuasecurity » Ipc-Hx5xxx » Version: N/A

cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-
Dahuasecurity » Nvr-1xxx » Version: N/A

cpe:2.3:h:dahuasecurity:nvr-1xxx:-
Dahuasecurity » Nvr-2xxx » Version: N/A

cpe:2.3:h:dahuasecurity:nvr-2xxx:-
Dahuasecurity » Nvr-4xxx » Version: N/A

cpe:2.3:h:dahuasecurity:nvr-4xxx:-
Dahuasecurity » Nvr-5xxx » Version: N/A

cpe:2.3:h:dahuasecurity:nvr-5xxx:-
Dahuasecurity » Nvr-6xx » Version: N/A

cpe:2.3:h:dahuasecurity:nvr-6xx:-
Dahuasecurity » Vth-542xh » Version: N/A

cpe:2.3:h:dahuasecurity:vth-542xh:-
Dahuasecurity » Vto-65xxx » Version: N/A

cpe:2.3:h:dahuasecurity:vto-65xxx:-
Dahuasecurity » Vto-75x95x » Version: N/A

cpe:2.3:h:dahuasecurity:vto-75x95x:-
Dahuasecurity » Xvr-4x04 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-4x04:-
Dahuasecurity » Xvr-4x08 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-4x08:-
Dahuasecurity » Xvr-5x04 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-5x04:-
Dahuasecurity » Xvr-5x08 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-5x08:-
Dahuasecurity » Xvr-5x16 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-5x16:-
Dahuasecurity » Xvr-7x16 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-7x16:-
Dahuasecurity » Xvr-7x32 » Version: N/A

cpe:2.3:h:dahuasecurity:xvr-7x32:-
Dahuasecurity » Ipc-Hum7xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*
Dahuasecurity » Ipc-Hx3xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*
Dahuasecurity » Ipc-Hx5xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*
Dahuasecurity » Nvr-1xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:nvr-1xxx_firmware:*
Dahuasecurity » Nvr-2xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:nvr-2xxx_firmware:*
Dahuasecurity » Nvr-4xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:nvr-4xxx_firmware:*
Dahuasecurity » Nvr-5xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:nvr-5xxx_firmware:*
Dahuasecurity » Nvr-6xx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:nvr-6xx_firmware:*
Dahuasecurity » Vth-542xh Firmware » Version: Any

cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*
Dahuasecurity » Vto-65xxx Firmware » Version: Any

cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*
Dahuasecurity » Vto-75x95x Firmware » Version: Any

cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*
Dahuasecurity » Xvr-4x04 Firmware » Version: N/A

cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:-
Dahuasecurity » Xvr-4x08 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-4x08_firmware:*
Dahuasecurity » Xvr-5x04 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-5x04_firmware:*
Dahuasecurity » Xvr-5x08 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-5x08_firmware:*
Dahuasecurity » Xvr-5x16 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-5x16_firmware:*
Dahuasecurity » Xvr-7x16 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-7x16_firmware:*
Dahuasecurity » Xvr-7x32 Firmware » Version: Any

cpe:2.3:o:dahuasecurity:xvr-7x32_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-33045

Products

Pricing

Contact Us