CVE-2013-5754

Type: 
Permissions, Privileges, and Access Control
Gravedad: 
Critical
Fecha publicación : 
09/17/2013
Última modificación: 
09/25/2013
Description
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Total commitment on system integrity + Total commitment on system confidentiality + Total commitment on system availability
Vulnerable software and versions
  • Dahuasecurity Dvr6404lf-s -
  • Dahuasecurity Dvr5816 -
  • Dahuasecurity Dvr5808 -
  • Dahuasecurity Dvr5804 -
  • Dahuasecurity Dvr5416 -
  • Dahuasecurity Dvr5408 -
  • Dahuasecurity Dvr5404 -
  • Dahuasecurity Dvr5216l -
  • Dahuasecurity Dvr5216a -
  • Dahuasecurity Dvr5208l -
  • Dahuasecurity Dvr5208a -
  • Dahuasecurity Dvr5204l -
  • Dahuasecurity Dvr5204a -
  • Dahuasecurity Dvr5116he -
  • Dahuasecurity Dvr5116h -
  • Dahuasecurity Dvr5116c -
  • Dahuasecurity Dvr5108he -
  • Dahuasecurity Dvr5108h -
  • Dahuasecurity Dvr5108c -
  • Dahuasecurity Dvr5104he -
  • Dahuasecurity Dvr5104h -
  • Dahuasecurity Dvr5104c -
  • Dahuasecurity Dvr3232l -
  • Dahuasecurity Dvr3224l -
  • Dahuasecurity Dvr3204lf-s -
  • Dahuasecurity Dvr3204lf-al -
  • Dahuasecurity Dvr3204hf-s -
  • Dahuasecurity Dvr2404lf-s -
  • Dahuasecurity Dvr2404lf-al -
  • Dahuasecurity Dvr2404hf-s -
  • Dahuasecurity Dvr2116he -
  • Dahuasecurity Dvr2116hc -
  • Dahuasecurity Dvr2116h -
  • Dahuasecurity Dvr2116c -
  • Dahuasecurity Dvr2108he -
  • Dahuasecurity Dvr2108hc -
  • Dahuasecurity Dvr2108h -
  • Dahuasecurity Dvr2108c -
  • Dahuasecurity Dvr2104he -
  • Dahuasecurity Dvr2104hc -
  • Dahuasecurity Dvr2104h -
  • Dahuasecurity Dvr2104c -
  • Dahuasecurity Dvr1604hf-u-e -
  • Dahuasecurity Dvr1604hf-s-e -
  • Dahuasecurity Dvr1604hf-l-e -
  • Dahuasecurity Dvr1604hf-al-e -
  • Dahuasecurity Dvr1604hf-a-e -
  • Dahuasecurity Dvr1604hd-s -
  • Dahuasecurity Dvr1604hd-l -
  • Dahuasecurity Dvr0804hf-u-e -
  • Dahuasecurity Dvr0804hf-s-e -
  • Dahuasecurity Dvr0804hf-l-e -
  • Dahuasecurity Dvr0804hf-al-e -
  • Dahuasecurity Dvr0804hf-a-e -
  • Dahuasecurity Dvr0804hd-s -
  • Dahuasecurity Dvr0804hd-l -
  • Dahuasecurity Dvr0804 -
  • Dahuasecurity Dvr0404hf-u-e -
  • Dahuasecurity Dvr0404hf-s-e -
  • Dahuasecurity Dvr0404hf-al-e -
  • Dahuasecurity Dvr0404hf-a-e -
  • Dahuasecurity Dvr0404hd-u -
  • Dahuasecurity Dvr0404hd-s -
  • Dahuasecurity Dvr0404hd-l -
  • Dahuasecurity Dvr0404hd-a -
References to Advisories, Solutions, and Tools
Explanation of fields