Hardcoded Password Vulnerability in Dahua DVR Appliances
CVE-2013-3612

Currently unrated

Key Information:

Vendor: Dahuasecurity
Status: Dvr2104h; Dvr0404hd-a; Dvr1604hd-l; Dvr2104hc
Vendor: CVE Published:; 17 September 2013

🔔 Create Dahuasecurity Vulnerability Alert

What is CVE-2013-3612?

Dahua DVR appliances contain hardcoded passwords for the root and an unspecified backdoor account, posing significant security risks. This vulnerability enables remote attackers to exploit the system, potentially gaining unauthorized administrative access through various methods including ActiveX support and standalone clients, among other vectors. Organizations using these devices should assess their security protocols and consider immediate remediation to mitigate potential breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/800094

third-party-advisoryx_refsource_CERT-VN

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 17, 2013

JSON

Dahuasecurity

What is CVE-2013-3612?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.