Skip to main content

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Sep 17, 2013 - 12:04 cve.org
CRITICAL 9.3

DescriptionCVE.org

Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.

AnalysisAI

Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.8%.

Technical ContextAI

This vulnerability is classified under CWE-264. Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack. Affected products include: Dahuasecurity Dvr0404Hd-A, Dahuasecurity Dvr0404Hd-L, Dahuasecurity Dvr0404Hd-S, Dahuasecurity Dvr0404Hd-U, Dahuasecurity Dvr0404Hf-A-E.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2013-3614 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy