Strix
26.1K

CVE-2013-3613

UnknownEPSS 6.66%

Last modified

CVE-2013-3613 is a vulnerability of currently unknown severity. Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.. EPSS estimates a 6.66% chance of exploitation in the next 30 days.

Description

Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.

Metrics

EPSS Probability
6.66%

93.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DahuasecurityDvr0404hd-AAll versions
DahuasecurityDvr0404hd-LAll versions
DahuasecurityDvr0404hd-SAll versions
DahuasecurityDvr0404hd-UAll versions
DahuasecurityDvr0404hf-A-EAll versions
DahuasecurityDvr0404hf-Al-EAll versions
DahuasecurityDvr0404hf-S-EAll versions
DahuasecurityDvr0404hf-U-EAll versions
DahuasecurityDvr0804All versions
DahuasecurityDvr0804hd-LAll versions
DahuasecurityDvr0804hd-SAll versions
DahuasecurityDvr0804hf-A-EAll versions
DahuasecurityDvr0804hf-Al-EAll versions
DahuasecurityDvr0804hf-L-EAll versions
DahuasecurityDvr0804hf-S-EAll versions
DahuasecurityDvr0804hf-U-EAll versions
DahuasecurityDvr1604hd-LAll versions
DahuasecurityDvr1604hd-SAll versions
DahuasecurityDvr1604hf-A-EAll versions
DahuasecurityDvr1604hf-Al-EAll versions
DahuasecurityDvr1604hf-L-EAll versions
DahuasecurityDvr1604hf-S-EAll versions
DahuasecurityDvr1604hf-U-EAll versions
DahuasecurityDvr2104cAll versions
DahuasecurityDvr2104hAll versions
DahuasecurityDvr2104hcAll versions
DahuasecurityDvr2104heAll versions
DahuasecurityDvr2108cAll versions
DahuasecurityDvr2108hAll versions
DahuasecurityDvr2108hcAll versions
DahuasecurityDvr2108heAll versions
DahuasecurityDvr2116cAll versions
DahuasecurityDvr2116hAll versions
DahuasecurityDvr2116hcAll versions
DahuasecurityDvr2116heAll versions
DahuasecurityDvr2404hf-SAll versions
DahuasecurityDvr2404lf-AlAll versions
DahuasecurityDvr2404lf-SAll versions
DahuasecurityDvr3204hf-SAll versions
DahuasecurityDvr3204lf-AlAll versions
DahuasecurityDvr3204lf-SAll versions
DahuasecurityDvr3224lAll versions
DahuasecurityDvr3232lAll versions
DahuasecurityDvr5104cAll versions
DahuasecurityDvr5104hAll versions
DahuasecurityDvr5104heAll versions
DahuasecurityDvr5108cAll versions
DahuasecurityDvr5108hAll versions
DahuasecurityDvr5108heAll versions
DahuasecurityDvr5116cAll versions

Showing 50 of 65 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-3613?
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
How severe is CVE-2013-3613?
Severity scoring for CVE-2013-3613 is pending analysis. The EPSS model estimates a 6.66% probability of exploitation in the next 30 days.
How do I fix CVE-2013-3613?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-3613?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST