CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.8973 (89.7%)
Percentil: 99.6%
EPSS: 2026-05-06
Afecta
dahuasecurity:dvr_firmwareDescripción técnica
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
Publicada: 11/7/2014, 19:55:02
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html
- http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html
- http://seclists.org/bugtraq/2013/Nov/62
- http://www.exploit-db.com/exploits/29673
- http://www.osvdb.org/99783
- http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html
- http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html
- http://seclists.org/bugtraq/2013/Nov/62