CVE-2013-3613
First published: Tue Sep 17 2013(Updated: )
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dahua Security DVR0404HD-A | ||
| Dahua Security DVR0404HD-L | ||
| Dahua Technology DVR0404HD-S | ||
| Dahua Security DVR0404HD-U | ||
| Dahuasecurity DVR0404HF-A-E | ||
| Dahua Security DVR0404HF-AL-E | ||
| Dahua Technology DVR0404HF-S-E | ||
| Dahua Technology DVR0404HF-U-E | ||
| Dahuasecurity DVR Firmware | ||
| Dahua Security DVR0804HD-L | ||
| Dahua Security DVR0804HD-S | ||
| Dahua Technology DVR0804HF-A-E | ||
| Dahua Security DVR0804HF-AL-E | ||
| Dahuasecurity Dvr0804hf-l-e | ||
| Dahua Technology DVR0804HF-S-E | ||
| Dahua DVR0804HF-U-E | ||
| Dahua Security DVR1604HD-L | ||
| Dahua Security DVR1604HD-S | ||
| Dahua Security DVR1604HF-A-E | ||
| Dahua Technology DVR1604HF-AL-E | ||
| Dahua Technology DVR1604HF-L-E | ||
| Dahua Technology DVR1604HF-S-E | ||
| Dahua Security DVR1604HF-U-E | ||
| Dahua Security DVR2104C | ||
| Dahua DVR 2104H | ||
| Dahuasecurity DVR2104HC | ||
| Dahua Dvr2104HE | ||
| Dahua Security DVR2108C | ||
| Dahua Security DVR2108H | ||
| Dahua DVR 2108HC | ||
| Dahua DVR 2108HE | ||
| Dahua Security DVR5116C | ||
| Dahua DVR 2116HE | ||
| Dahuasecurity DVR2116HC | ||
| Dahua DVR 2116HE | ||
| Dahua Security DVR2404HF-S | ||
| Dahua Technology DVR2404LF-AL | ||
| Dahuasecurity DVR2404LF-S | ||
| Dahua Security DVR3204HF-S | ||
| Dahua Security DVR3204LF-AL | ||
| Dahua Security DVR3204LF-S | ||
| Dahua Security DVR3224L | ||
| Dahua Security DVR3232L | ||
| Dahua DVR 5104C | ||
| Dahuasecurity Dvr5104h | ||
| Dahua DVR5104HE | ||
| Dahua DVR 5108C | ||
| Dahua Security DVR5108H | ||
| Dahua Security DVR5108HE | ||
| Dahua Security DVR5116C | ||
| Dahua DVR 5116H | ||
| Dahuasecurity DVR5116HE | ||
| Dahua Security DVR5204A | ||
| Dahua Security DVR5204L | ||
| Dahua Security DVR5208A | ||
| Dahua Security DVR5208L | ||
| Dahua Security DVR5216A | ||
| Dahua Technology DVR5216L | ||
| Dahuasecurity DVR Firmware | ||
| Dahua Security DVR5408 | ||
| Dahua Technology DVR5416 | ||
| Dahua Security DVR5804 | ||
| Dahuasecurity DVR Firmware | ||
| Dahua Security DVR5816 | ||
| Dahuasecurity DVR6404LF-S |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-3613?
CVE-2013-3613 has a high severity rating due to its potential for remote exploitation via replay attacks.
How do I fix CVE-2013-3613?
To fix CVE-2013-3613, disable UPnP functionality on the affected Dahua DVR appliances and apply any available firmware updates.
What types of devices are affected by CVE-2013-3613?
CVE-2013-3613 affects multiple models of Dahua DVR appliances, particularly the DVR0404 and DVR0804 series.
What is the impact of CVE-2013-3613?
The impact of CVE-2013-3613 includes unauthorized remote access to devices, potentially allowing attackers to execute commands via the TELNET port.
Are there any available patches for CVE-2013-3613?
Patches for CVE-2013-3613 are typically provided in firmware updates from Dahua, and users should ensure their devices are up to date.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dahuasecurity
- canonical/dahua security dvr0404hd-a
- canonical/dahua security dvr0404hd-l
- canonical/dahua technology dvr0404hd-s
- canonical/dahua security dvr0404hd-u
- canonical/dahuasecurity dvr0404hf-a-e
- canonical/dahua security dvr0404hf-al-e
- canonical/dahua technology dvr0404hf-s-e
- canonical/dahua technology dvr0404hf-u-e
- canonical/dahuasecurity dvr firmware
- canonical/dahua security dvr0804hd-l
- canonical/dahua security dvr0804hd-s
- canonical/dahua technology dvr0804hf-a-e
- canonical/dahua security dvr0804hf-al-e
- canonical/dahuasecurity dvr0804hf-l-e
- canonical/dahua technology dvr0804hf-s-e
- canonical/dahua dvr0804hf-u-e
- canonical/dahua security dvr1604hd-l
- canonical/dahua security dvr1604hd-s
- canonical/dahua security dvr1604hf-a-e
- canonical/dahua technology dvr1604hf-al-e
- canonical/dahua technology dvr1604hf-l-e
- canonical/dahua technology dvr1604hf-s-e
- canonical/dahua security dvr1604hf-u-e
- canonical/dahua security dvr2104c
- canonical/dahua dvr 2104h
- canonical/dahuasecurity dvr2104hc
- canonical/dahua dvr2104he
- canonical/dahua security dvr2108c
- canonical/dahua security dvr2108h
- canonical/dahua dvr 2108hc
- canonical/dahua dvr 2108he
- canonical/dahua security dvr5116c
- canonical/dahua dvr 2116he
- canonical/dahuasecurity dvr2116hc
- canonical/dahua security dvr2404hf-s
- canonical/dahua technology dvr2404lf-al
- canonical/dahuasecurity dvr2404lf-s
- canonical/dahua security dvr3204hf-s
- canonical/dahua security dvr3204lf-al
- canonical/dahua security dvr3204lf-s
- canonical/dahua security dvr3224l
- canonical/dahua security dvr3232l
- canonical/dahua dvr 5104c
- canonical/dahuasecurity dvr5104h
- canonical/dahua dvr5104he
- canonical/dahua dvr 5108c
- canonical/dahua security dvr5108h
- canonical/dahua security dvr5108he
- canonical/dahua dvr 5116h
- canonical/dahuasecurity dvr5116he
- canonical/dahua security dvr5204a
- canonical/dahua security dvr5204l
- canonical/dahua security dvr5208a
- canonical/dahua security dvr5208l
- canonical/dahua security dvr5216a
- canonical/dahua technology dvr5216l
- canonical/dahua security dvr5408
- canonical/dahua technology dvr5416
- canonical/dahua security dvr5804
- canonical/dahua security dvr5816
- canonical/dahuasecurity dvr6404lf-s