CVE-2017-6432

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dahuasecurity:nvr_firmware:3.210.0001.10:*:*:*:*:*:*:*
cpe:2.3:h:dahuasecurity:dhi-hcvr7216a-s3:-:*:*:*:*:*:*:*

Information

Published : 2017-03-09 09:59

Updated : 2019-10-02 17:03


NVD link : CVE-2017-6432

Mitre link : CVE-2017-6432


JSON object : View

CWE
CWE-319

Cleartext Transmission of Sensitive Information

Advertisement

dedicated server usa

Products Affected

dahuasecurity

  • nvr_firmware
  • dhi-hcvr7216a-s3