CVE-2013-6117 Information

Description

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials change user passwords clear log files and perform other actions via a request to TCP port 37777.

Reference

http://blog.depthsecurity.com/2013/11/dahua-dvr-authentication-bypass-cve.html http://packetstormsecurity.com/files/124022/Dahua-DVR-Authentication-Bypass.html http://seclists.org/bugtraq/2013/Nov/62 http://www.exploit-db.com/exploits/29673 http://www.osvdb.org/99783