CVE-2021-33046

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 13-01-2022 10:15

Last modified: - 25-01-2022 04:13

Total changes: - 3

Description

Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

High

Confidentiality

High

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

9.8

Base score

3.9

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=dahuasecurity AND product=ipc-hx1xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=ipc-hx1xxx AND version=-

AND

vendor=dahuasecurity AND product=ipc-hx2xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=ipc-hx2xxx AND version=-

AND

vendor=dahuasecurity AND product=ipc-hx3xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=ipc-hx3xxx AND version=-

AND

vendor=dahuasecurity AND product=ipc-hx5\(4\)\(3\)xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=ipc-hx5\(4\)\(3\)xxx AND version=-

AND

vendor=dahuasecurity AND product=ipc-hx5xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=ipc-hx5xxx AND version=-

AND

vendor=dahuasecurity AND product=sd1a1_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd1a1 AND version=-

AND

vendor=dahuasecurity AND product=sd22_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd22 AND version=-

AND

vendor=dahuasecurity AND product=sd49_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd49 AND version=-

AND

vendor=dahuasecurity AND product=sd50_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd50 AND version=-

AND

vendor=dahuasecurity AND product=sd52c_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd52c AND version=-

AND

vendor=dahuasecurity AND product=sd6al_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=sd6al AND version=-

AND

vendor=dahuasecurity AND product=tpc-bf1241_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-bf1241 AND version=-

AND

vendor=dahuasecurity AND product=tpc-bf2221_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-bf2221 AND version=-

AND

vendor=dahuasecurity AND product=tpc-bf5x01_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-bf5x01 AND version=-

AND

vendor=dahuasecurity AND product=tpc-pt8x21x_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-pt8x21x AND version=-

AND

vendor=dahuasecurity AND product=tpc-sd2221_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-sd2221 AND version=-

AND

vendor=dahuasecurity AND product=tpc-sd8x21_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=tpc-sd8x21 AND version=-

AND

vendor=dahuasecurity AND product=nvr1xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=nvr1xxx AND version=-

AND

vendor=dahuasecurity AND product=nvr2xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=nvr2xxx AND version=-

AND

vendor=dahuasecurity AND product=nvr4xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=nvr4xxx AND version=-

AND

vendor=dahuasecurity AND product=nvr5xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=nvr5xxx AND version=-

AND

vendor=dahuasecurity AND product=xvr4xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=xvr4xxx AND version=-

AND

vendor=dahuasecurity AND product=xvr5xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=xvr5xxx AND version=-

AND

vendor=dahuasecurity AND product=xvr7xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=xvr7xxx AND version=-

AND

vendor=dahuasecurity AND product=hcvr7xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=hcvr7xxx AND version=-

AND

vendor=dahuasecurity AND product=hcvr8xxx_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=hcvr8xxx AND version=-

AND

vendor=dahuasecurity AND product=vtox20xf_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=vtox20xf AND version=-

AND

vendor=dahuasecurity AND product=asc2204c_firmware AND versionEndIncluding=2021-7 AND versionStartIncluding=2017-7

vendor=dahuasecurity AND product=asc2204c AND version=-

Reference

Keywords

CVE-2021-33046

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-33046

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures