[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Dahua CVE-2021-33044, CVE-2021-33045

To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] Dahua CVE-2021-33044, CVE-2021-33045
From: bashis <mcw@xxxxxxxxxx>
Date: Mon, 6 Sep 2021 15:41:14 +0000

Greetings,

Two independent authentication bypass has been found in Dahua (and their OEMs) 
devices.
Due to the very high potential of another "Dahua mass hack", I will keep Full 
Disclosure details until October 6, 2021.
Highly recommend upgrading the firmware until then.

Dahua advisory: https://www.dahuasecurity.com/support/cybersecurity/details/957

Have a nice day,
https://github.com/mcw0/PoC
/bashis


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Backdoor.Win32.Small.vjt / Unauthenticated Remote Command Execution
Next by Date: [FD] rencode 3-byte packet DoS
Previous by thread: [FD] Backdoor.Win32.Small.vjt / Unauthenticated Remote Command Execution
Next by thread: [FD] rencode 3-byte packet DoS
Index(es):
- Date
- Thread