Vulnerabilities > Dahuasecurity > Dvr2108He > High

DATE CVE VULNERABILITY TITLE RISK
2013-09-17 CVE-2013-3615 Credentials Management vulnerability in Dahuasecurity products
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
network
low complexity
dahuasecurity CWE-255
7.8
7.8
2013-09-17 CVE-2013-3613 Improper Authentication vulnerability in Dahuasecurity products
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
network
low complexity
dahuasecurity CWE-287
7.8
7.8