Password Hashing Vulnerability in Dahua DVR Appliances
CVE-2013-3615

Currently unrated

Key Information:

Vendor: Dahuasecurity
Status: Dvr2104h; Dvr0404hd-a; Dvr1604hd-l; Dvr2104hc
Vendor: CVE Published:; 17 September 2013

🔔 Create Dahuasecurity Vulnerability Alert

What is CVE-2013-3615?

Dahua DVR appliances utilize a password-hashing algorithm with a limited hash length, rendering passwords susceptible to compromise. This vulnerability allows context-dependent attackers to exploit the weakness and retrieve clear-text passwords through brute-force methods. The ease of discovering passwords poses a significant risk to users and network security, requiring immediate attention and remediation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/800094

third-party-advisoryx_refsource_CERT-VN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 17, 2013

JSON

Dahuasecurity

What is CVE-2013-3615?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.