CVE-2017-9315

Published: Nov 28, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.

Affected (25)

Products: Dahuasecurity: Ipc Hfw1xxx Firmware, Ipc Hdw1xxx Firmware, Ipc Hdbw1xxx Firmware, Ipc Hfw2xxx Firmware, Ipc Hdw2xxx Firmware, Ipc Hdbw2xxx Firmware, Ipc Hfw4xxx Firmware, Ipc Hdw4xxx Firmware, Ipc Hdbw4xxx Firmware, Ipc Hf5xxx Firmware, Ipc Hfw5xxx Firmware, Ipc Hdw5xxx Firmware, Ipc Hdbw5xxx Firmware, Ipc Hf8xxx Firmware, Ipc Hfw8xxx Firmware, Ipc Hdbw8xxx Firmware, Ipc Ebw8xxx Firmware, Ipc Pfw8xxx Firmware, Dh Sd2xxxxx Firmware, Ipc Pdbw8xxx Firmware, Ipc Hum8xxx Firmware, Psd8xxxx Firmware, Dh Sd4xxxxx Firmware, Dh Sd5xxxxx Firmware, Dh Sd6xxxxx Firmware

Dahuasecurity

25 products

Ipc Hfw1xxx Firmware

Ipc Hdw1xxx Firmware

Ipc Hdbw1xxx Firmware

Ipc Hfw2xxx Firmware

Ipc Hdw2xxx Firmware

Ipc Hdbw2xxx Firmware

Ipc Hfw4xxx Firmware

Ipc Hdw4xxx Firmware

Ipc Hdbw4xxx Firmware

Ipc Hf5xxx Firmware

Ipc Hfw5xxx Firmware

Ipc Hdw5xxx Firmware

Ipc Hdbw5xxx Firmware

Ipc Hf8xxx Firmware

Ipc Hfw8xxx Firmware

Ipc Hdbw8xxx Firmware

Ipc Ebw8xxx Firmware

Ipc Pfw8xxx Firmware

Dh Sd2xxxxx Firmware

Ipc Pdbw8xxx Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hfw1xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hfw1xxx	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdw1xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdw1xxx	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdbw1xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdbw1xxx	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hfw2xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hfw2xxx	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdw2xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdw2xxx	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdbw2xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdbw2xxx	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hfw4xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hfw4xxx	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdw4xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdw4xxx	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdbw4xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdbw4xxx	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hf5xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hf5xxx	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hfw5xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hfw5xxx	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdw5xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdw5xxx	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdbw5xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdbw5xxx	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hf8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hf8xxx	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hfw8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hfw8xxx	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hdbw8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hdbw8xxx	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Ebw8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Ebw8xxx	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Pfw8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Pfw8xxx	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Dh Sd2xxxxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Dh Sd2xxxxx	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Pdbw8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Pdbw8xxx	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Ipc Hum8xxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Ipc Hum8xxx	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Psd8xxxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Psd8xxxx	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Dh Sd4xxxxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Dh Sd4xxxxx	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Dh Sd5xxxxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Dh Sd5xxxxx	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dahuasecurity Dh Sd6xxxxx Firmware	All versions

Running on/with	Platform Versions
Dahuasecurity Dh Sd6xxxxx	All versions

References (2)

http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html

Source: cybersecurity@dahuatech.com

Vendor Advisory

http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.