CVE-2021-33044 – Dahua Technology / Multiple – Improper authentication

October 29, 2021

CVE-2021-33044 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a link to an exploit was shared in the underground.

Summary:

CVE-2021-33044 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

GitHub commit exploit –
https://github.com/mcw0/DahuaConsole

Known Counter Measures:

Dahua Technology addressed the vulnerability in a security advisory with updated versions.

Links to patches(if available)

https://www.dahuasecurity.com/support/cybersecurity/details/957

You may have missed

unlock membership

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

November 15, 2024
news

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

November 15, 2024
news

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

November 15, 2024
news

API Security Threats: 83% of Companies Experience Security Incidents

November 15, 2024
news

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

November 15, 2024