CVE-2021-33045 – Dahua Technology / Multiple – Improper authentication

October 29, 2021

CVE-2021-33045 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a link to an exploit was shared in the underground.

Summary:

CVE-2021-33045 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

GitHub commit exploit –
https://github.com/mcw0/DahuaConsole

Known Counter Measures:

Dahua Technology addressed the vulnerability in a security advisory with updated versions.

Links to patches(if available)

https://www.dahuasecurity.com/support/cybersecurity/details/957

You may have missed

CISA Logo

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

April 19, 2024
alerts

Cryptographic Vulnerability in PuTTY

April 19, 2024
Basta

Black Basta Ransomware Victim: fluenthome[.]com

April 19, 2024
Basta

Black Basta Ransomware Victim: macphie[.]com

April 19, 2024
Basta

Black Basta Ransomware Victim: columbiapipe[.]com

April 19, 2024