critical
9.8
CWE
287
Advisory Published
Updated

CVE-2021-33046

First published: Thu Jan 13 2022(Updated: )

Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.

Credit: cybersecurity@dahuatech.com

Affected SoftwareAffected VersionHow to fix
Dahuasecurity Ipc-hx1xxx Firmware>=2017-7<=2021-7
Dahuasecurity Ipc-hx1xxx
Dahuasecurity Ipc-hx2xxx Firmware>=2017-7<=2021-7
Dahuasecurity Ipc-hx2xxx
Dahuasecurity Ipc-hx3xxx Firmware>=2017-7<=2021-7
Dahuasecurity Ipc-hx3xxx
Dahuasecurity Ipc-hx5\(4\)\(3\)xxx Firmware>=2017-7<=2021-7
Dahuasecurity Ipc-hx5\(4\)\(3\)xxx
Dahuasecurity Ipc-hx5xxx Firmware>=2017-7<=2021-7
Dahuasecurity Ipc-hx5xxx
Dahuasecurity Sd1a1 Firmware>=2017-7<=2021-7
Dahuasecurity Sd1a1
Dahuasecurity Sd22 Firmware>=2017-7<=2021-7
Dahuasecurity Sd22
Dahuasecurity Sd49 Firmware>=2017-7<=2021-7
Dahuasecurity Sd49
Dahuasecurity Sd50 Firmware>=2017-7<=2021-7
Dahuasecurity Sd50
Dahuasecurity Sd52c Firmware>=2017-7<=2021-7
Dahuasecurity Sd52c
Dahuasecurity Sd6al Firmware>=2017-7<=2021-7
Dahuasecurity Sd6al
Dahuasecurity Tpc-bf1241 Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-bf1241
Dahuasecurity Tpc-bf2221 Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-bf2221
Dahuasecurity Tpc-bf5x01 Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-bf5x01
Dahuasecurity Tpc-pt8x21x Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-pt8x21x
Dahuasecurity Tpc-sd2221 Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-sd2221
Dahuasecurity Tpc-sd8x21 Firmware>=2017-7<=2021-7
Dahuasecurity Tpc-sd8x21
Dahuasecurity Nvr1xxx Firmware>=2017-7<=2021-7
Dahuasecurity Nvr1xxx
Dahuasecurity Nvr2xxx Firmware>=2017-7<=2021-7
Dahuasecurity Nvr2xxx
Dahuasecurity Nvr4xxx Firmware>=2017-7<=2021-7
Dahuasecurity Nvr4xxx
Dahuasecurity Nvr5xxx Firmware>=2017-7<=2021-7
Dahuasecurity Nvr5xxx
Dahuasecurity Xvr4xxx Firmware>=2017-7<=2021-7
Dahuasecurity Xvr4xxx
Dahuasecurity Xvr5xxx Firmware>=2017-7<=2021-7
Dahuasecurity Xvr5xxx
Dahuasecurity Xvr7xxx Firmware>=2017-7<=2021-7
Dahuasecurity Xvr7xxx
Dahuasecurity Hcvr7xxx Firmware>=2017-7<=2021-7
Dahuasecurity Hcvr7xxx
Dahuasecurity Hcvr8xxx Firmware>=2017-7<=2021-7
Dahuasecurity Hcvr8xxx
Dahuasecurity Vtox20xf Firmware>=2017-7<=2021-7
Dahuasecurity Vtox20xf
Dahuasecurity Asc2204c Firmware>=2017-7<=2021-7
Dahuasecurity Asc2204c

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203