Vulnerabilities > CVE-2013-3615 - Credentials Management vulnerability in Dahuasecurity products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass. CVE-2013-3612,CVE-2013-3613,CVE-2013-3614,CVE-2013-3615,CVE-2013-6117. Webapps exploit for h... |
| file | exploits/hardware/webapps/29673.txt |
| id | EDB-ID:29673 |
| last seen | 2016-02-03 |
| modified | 2013-11-18 |
| platform | hardware |
| port | 37777 |
| published | 2013-11-18 |
| reporter | Jake Reynolds |
| source | https://www.exploit-db.com/download/29673/ |
| title | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass |
| type | webapps |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:83161 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-83161 |
| title | Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass |