Authentication Flaw in Dahua NVR Models Impacting Security Operations
CVE-2017-9314

8.8HIGH

Key Information:

Vendor: Dahua Technologies
Status: Nvr50xx, Vr52xx, Vr54xx, Vr58xx
Vendor: CVE Published:; 13 November 2017

🔔 Create Dahua Technologies Vulnerability Alert

What is CVE-2017-9314?

An authentication vulnerability has been identified in specific Dahua NVR models, including NVR50XX, NVR52XX, NVR54XX, and NVR58XX. This flaw exists in software versions prior to DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102, allowing attackers to exploit the vulnerability through JSON message forgery. Successful exploitation could lead to unauthorized access, enabling attackers to perform additional operations on the device, ultimately compromising its security and the integrity of the managed video data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NVR50XX, VR52XX, VR54XX, VR58XX Versions Build between 2013 and 2017/10

References

http://www.dahuasecurity.com/annoucementsingle/security-a...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 13, 2017
Vulnerability Reserved
May 30, 2017

JSON

Dahua Technologies

What is CVE-2017-9314?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.