CVE-2021-33046
First published: Thu Jan 13 2022(Updated: )
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.
Credit: cybersecurity@dahuatech.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dahua Security IPC-HX1XXX Firmware | >=2017-7<=2021-7 | |
| Dahua Security IPC-HX1XXX Firmware | ||
| Dahuasecurity IPC-HX2XXX | >=2017-7<=2021-7 | |
| Dahuasecurity IPC-HX2XXX Firmware | ||
| Dahuasecurity IPC-HX3XXX Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity IPC-HX3XXX | ||
| Dahuasecurity IPC-HX5(4)(3)XXX Firmware | >=2017-7<=2021-7 | |
| Dahua IPC-HX5(4)(3)XXX | ||
| Dahuasecurity IPC-HX5(4)(3)XXX Firmware | >=2017-7<=2021-7 | |
| Dahua IPC-HX5(4)(3)XXX | ||
| Dahuasecurity Sd1a1 | >=2017-7<=2021-7 | |
| Dahuasecurity Sd1a1 Firmware | ||
| Dahua Security SD22 | >=2017-7<=2021-7 | |
| Dahua Security SD22 | ||
| Dahuasecurity SD49 Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity SD49 Firmware | ||
| Dahuasecurity Sd50 Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Sd50 Firmware | ||
| Dahuasecurity Sd52c Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Sd52c Firmware | ||
| Dahua Security SD6AL Firmware | >=2017-7<=2021-7 | |
| Dahua Security SD6AL | ||
| Dahuasecurity Tpc-bf1241 Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Tpc-bf1241 Firmware | ||
| Dahuasecurity Tpc-bf2221 | >=2017-7<=2021-7 | |
| Dahuasecurity Tpc-bf2221 Firmware | ||
| Dahuasecurity Tpc-bf5x01 | >=2017-7<=2021-7 | |
| Dahuasecurity Tpc-bf5x01 Firmware | ||
| Dahua TPC-PT8X21X Firmware | >=2017-7<=2021-7 | |
| Dahua TPC-PT8X21X Firmware | ||
| Dahua Technology TPC-SD2221 | >=2017-7<=2021-7 | |
| Dahua Technology TPC-SD2221 | ||
| Dahuasecurity Tpc-sd8x21 Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Tpc-sd8x21 Firmware | ||
| Dahua NVR 1xxx Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity NVR-1xxx | ||
| Dahuasecurity Nvr-2xxx Firmware | >=2017-7<=2021-7 | |
| Dahua Security NVR 2xxx | ||
| Dahuasecurity Nvr-4xxx Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Nvr4xxx Firmware | ||
| Dahua Technology NVR 5xxx Firmware | >=2017-7<=2021-7 | |
| Dahua Technology NVR 5xxx Firmware | ||
| Dahuasecurity Xvr4xxx Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Xvr4xxx Firmware | ||
| Dahuasecurity Xvr5xxx Firmware | >=2017-7<=2021-7 | |
| Dahua Technology XVR Series | ||
| Dahuasecurity Xvr7xxx Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Xvr7xxx Firmware | ||
| Dahuasecurity Hcvr7xxx Firmware | >=2017-7<=2021-7 | |
| Dahuasecurity Hcvr7xxx Firmware | ||
| Dahua Security HCVR8XXX Firmware | >=2017-7<=2021-7 | |
| Dahua Security HCVR8XXX Firmware | ||
| Dahuasecurity Vtox20xf | >=2017-7<=2021-7 | |
| Dahuasecurity Vtox20xf Firmware | ||
| Dahuasecurity Asc2204c | >=2017-7<=2021-7 | |
| Dahuasecurity Asc2204c Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-33046?
CVE-2021-33046 is rated as a high severity vulnerability due to its potential for unauthorized password resets.
How do I fix CVE-2021-33046?
To remediate CVE-2021-33046, update your Dahua device firmware to a version released after July 2021.
Which products are affected by CVE-2021-33046?
CVE-2021-33046 affects various Dahua products including IPC-HX1XXX, IPC-HX2XXX, IPC-HX3XXX, and several firmware versions.
Can CVE-2021-33046 be exploited remotely?
Yes, CVE-2021-33046 can be exploited remotely if specific conditions are met in the deployment of the affected devices.
Is there any workaround for CVE-2021-33046 until a patch is applied?
There are no known workarounds for CVE-2021-33046; applying the firmware update is essential to mitigate the risk.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dahuasecurity
- canonical/dahua security ipc-hx1xxx firmware
- version/dahua security ipc-hx1xxx firmware/2017-7
- version/dahua security ipc-hx1xxx firmware/2021-7
- canonical/dahuasecurity ipc-hx2xxx
- version/dahuasecurity ipc-hx2xxx/2017-7
- version/dahuasecurity ipc-hx2xxx/2021-7
- canonical/dahuasecurity ipc-hx2xxx firmware
- canonical/dahuasecurity ipc-hx3xxx firmware
- version/dahuasecurity ipc-hx3xxx firmware/2017-7
- version/dahuasecurity ipc-hx3xxx firmware/2021-7
- canonical/dahuasecurity ipc-hx3xxx
- canonical/dahuasecurity ipc-hx5(4)(3)xxx firmware
- version/dahuasecurity ipc-hx5(4)(3)xxx firmware/2017-7
- version/dahuasecurity ipc-hx5(4)(3)xxx firmware/2021-7
- canonical/dahua ipc-hx5(4)(3)xxx
- canonical/dahuasecurity sd1a1
- version/dahuasecurity sd1a1/2017-7
- version/dahuasecurity sd1a1/2021-7
- canonical/dahuasecurity sd1a1 firmware
- canonical/dahua security sd22
- version/dahua security sd22/2017-7
- version/dahua security sd22/2021-7
- canonical/dahuasecurity sd49 firmware
- version/dahuasecurity sd49 firmware/2017-7
- version/dahuasecurity sd49 firmware/2021-7
- canonical/dahuasecurity sd50 firmware
- version/dahuasecurity sd50 firmware/2017-7
- version/dahuasecurity sd50 firmware/2021-7
- canonical/dahuasecurity sd52c firmware
- version/dahuasecurity sd52c firmware/2017-7
- version/dahuasecurity sd52c firmware/2021-7
- canonical/dahua security sd6al firmware
- version/dahua security sd6al firmware/2017-7
- version/dahua security sd6al firmware/2021-7
- canonical/dahua security sd6al
- canonical/dahuasecurity tpc-bf1241 firmware
- version/dahuasecurity tpc-bf1241 firmware/2017-7
- version/dahuasecurity tpc-bf1241 firmware/2021-7
- canonical/dahuasecurity tpc-bf2221
- version/dahuasecurity tpc-bf2221/2017-7
- version/dahuasecurity tpc-bf2221/2021-7
- canonical/dahuasecurity tpc-bf2221 firmware
- canonical/dahuasecurity tpc-bf5x01
- version/dahuasecurity tpc-bf5x01/2017-7
- version/dahuasecurity tpc-bf5x01/2021-7
- canonical/dahuasecurity tpc-bf5x01 firmware
- canonical/dahua tpc-pt8x21x firmware
- version/dahua tpc-pt8x21x firmware/2017-7
- version/dahua tpc-pt8x21x firmware/2021-7
- canonical/dahua technology tpc-sd2221
- version/dahua technology tpc-sd2221/2017-7
- version/dahua technology tpc-sd2221/2021-7
- canonical/dahuasecurity tpc-sd8x21 firmware
- version/dahuasecurity tpc-sd8x21 firmware/2017-7
- version/dahuasecurity tpc-sd8x21 firmware/2021-7
- canonical/dahua nvr 1xxx firmware
- version/dahua nvr 1xxx firmware/2017-7
- version/dahua nvr 1xxx firmware/2021-7
- canonical/dahuasecurity nvr-1xxx
- canonical/dahuasecurity nvr-2xxx firmware
- version/dahuasecurity nvr-2xxx firmware/2017-7
- version/dahuasecurity nvr-2xxx firmware/2021-7
- canonical/dahua security nvr 2xxx
- canonical/dahuasecurity nvr-4xxx firmware
- version/dahuasecurity nvr-4xxx firmware/2017-7
- version/dahuasecurity nvr-4xxx firmware/2021-7
- canonical/dahuasecurity nvr4xxx firmware
- canonical/dahua technology nvr 5xxx firmware
- version/dahua technology nvr 5xxx firmware/2017-7
- version/dahua technology nvr 5xxx firmware/2021-7
- canonical/dahuasecurity xvr4xxx firmware
- version/dahuasecurity xvr4xxx firmware/2017-7
- version/dahuasecurity xvr4xxx firmware/2021-7
- canonical/dahuasecurity xvr5xxx firmware
- version/dahuasecurity xvr5xxx firmware/2017-7
- version/dahuasecurity xvr5xxx firmware/2021-7
- canonical/dahua technology xvr series
- canonical/dahuasecurity xvr7xxx firmware
- version/dahuasecurity xvr7xxx firmware/2017-7
- version/dahuasecurity xvr7xxx firmware/2021-7
- canonical/dahuasecurity hcvr7xxx firmware
- version/dahuasecurity hcvr7xxx firmware/2017-7
- version/dahuasecurity hcvr7xxx firmware/2021-7
- canonical/dahua security hcvr8xxx firmware
- version/dahua security hcvr8xxx firmware/2017-7
- version/dahua security hcvr8xxx firmware/2021-7
- canonical/dahuasecurity vtox20xf
- version/dahuasecurity vtox20xf/2017-7
- version/dahuasecurity vtox20xf/2021-7
- canonical/dahuasecurity vtox20xf firmware
- canonical/dahuasecurity asc2204c
- version/dahuasecurity asc2204c/2017-7
- version/dahuasecurity asc2204c/2021-7
- canonical/dahuasecurity asc2204c firmware