Vulnerabilities > CVE-2013-3615 - Credentials Management vulnerability in Dahuasecurity products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass. CVE-2013-3612,CVE-2013-3613,CVE-2013-3614,CVE-2013-3615,CVE-2013-6117. Webapps exploit for h... |
file | exploits/hardware/webapps/29673.txt |
id | EDB-ID:29673 |
last seen | 2016-02-03 |
modified | 2013-11-18 |
platform | hardware |
port | 37777 |
published | 2013-11-18 |
reporter | Jake Reynolds |
source | https://www.exploit-db.com/download/29673/ |
title | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass |
type | webapps |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:83161 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-83161 |
title | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass |