← Back

CVE-2013-5754

nvd nist
Published: Sep 17, 2013Modified: Apr 29, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612.

Affected (65)

Dahuasecurity
65 products
Dvr0404hd A
Dvr0404hd L
Dvr0404hd S
Dvr0404hd U
Dvr0404hf A E
Dvr0404hf Al E
Dvr0404hf S E
Dvr0404hf U E
Dvr0804
Dvr0804hd L
Dvr0804hd S
Dvr0804hf A E
Dvr0804hf Al E
Dvr0804hf L E
Dvr0804hf S E
Dvr0804hf U E
Dvr1604hd L
Dvr1604hd S
Dvr1604hf A E
Dvr1604hf Al E
Dvr1604hf L E
Dvr1604hf S E
Dvr1604hf U E
Dvr2104c
Dvr2104h
Dvr2104hc
Dvr2104he
Dvr2108c
Dvr2108h
Dvr2108hc
Dvr2108he
Dvr2116c
Dvr2116h
Dvr2116hc
Dvr2116he
Dvr2404hf S
Dvr2404lf Al
Dvr2404lf S
Dvr3204hf S
Dvr3204lf Al
Dvr3204lf S
Dvr3224l
Dvr3232l
Dvr5104c
Dvr5104h
Dvr5104he
Dvr5108c
Dvr5108h
Dvr5108he
Dvr5116c
Dvr5116h
Dvr5116he
Dvr5204a
Dvr5204l
Dvr5208a
Dvr5208l
Dvr5216a
Dvr5216l
Dvr5404
Dvr5408
Dvr5416
Dvr5804
Dvr5808
Dvr5816
Dvr6404lf S
Configuration A
65 vulnerable
Vulnerable SoftwareAffected Versions
Dvr0404hd A
All versions
Dvr0404hd L
All versions
Dvr0404hd S
All versions
Dvr0404hd U
All versions
Dvr0404hf A E
All versions
Dvr0404hf Al E
All versions
Dvr0404hf S E
All versions
Dvr0404hf U E
All versions
Dvr0804
All versions
Dvr0804hd L
All versions
Dvr0804hd S
All versions
Dvr0804hf A E
All versions
Dvr0804hf Al E
All versions
Dvr0804hf L E
All versions
Dvr0804hf S E
All versions
Dvr0804hf U E
All versions
Dvr1604hd L
All versions
Dvr1604hd S
All versions
Dvr1604hf A E
All versions
Dvr1604hf Al E
All versions
Dvr1604hf L E
All versions
Dvr1604hf S E
All versions
Dvr1604hf U E
All versions
Dvr2104c
All versions
Dvr2104h
All versions
Dvr2104hc
All versions
Dvr2104he
All versions
Dvr2108c
All versions
Dvr2108h
All versions
Dvr2108hc
All versions
Dvr2108he
All versions
Dvr2116c
All versions
Dvr2116h
All versions
Dvr2116hc
All versions
Dvr2116he
All versions
Dvr2404hf S
All versions
Dvr2404lf Al
All versions
Dvr2404lf S
All versions
Dvr3204hf S
All versions
Dvr3204lf Al
All versions
Dvr3204lf S
All versions
Dvr3224l
All versions
Dvr3232l
All versions
Dvr5104c
All versions
Dvr5104h
All versions
Dvr5104he
All versions
Dvr5108c
All versions
Dvr5108h
All versions
Dvr5108he
All versions
Dvr5116c
All versions
Dvr5116h
All versions
Dvr5116he
All versions
Dvr5204a
All versions
Dvr5204l
All versions
Dvr5208a
All versions
Dvr5208l
All versions
Dvr5216a
All versions
Dvr5216l
All versions
Dvr5404
All versions
Dvr5408
All versions
Dvr5416
All versions
Dvr5804
All versions
Dvr5808
All versions
Dvr5816
All versions
Dvr6404lf S
All versions

Related CWEs

CWE-264
CWE-264

References (2)

Source: cve@mitre.org
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource

Timeline

No history available yet.