Skip to content

Created CVE-2021-33045.yaml (Dahua IPC/VTH/VTO - Authentication Bypass) KEV #12296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 24, 2025
Merged

Created CVE-2021-33045.yaml (Dahua IPC/VTH/VTO - Authentication Bypass) KEV #12296

merged 5 commits into from
Jun 24, 2025

Conversation

@cybermorgue
Copy link
Contributor

@cybermorgue cybermorgue commented Jun 10, 2025
edited
Loading

Template / PR Information

Created CVE 2021 33045 template. A vulnerability in Dahua Cam for Authentication Bypass.

Template Validation

I've validated this template locally?

  • YES
  • NO

Additional References

https://nvd.nist.gov/vuln/detail/cve-2021-33045

@cybermorgue
Copy link
Contributor Author

cybermorgue commented Jun 12, 2025

Hi. Is anything wrong with this PR?

@DhiyaneshGeek
Copy link
Member

DhiyaneshGeek commented Jun 13, 2025

Hi @cybermorgue,

Is there any documentation or setup instructions available for deploying the vulnerable environment or running the software locally? Also, if you have any sample data that could help with debugging, that would be greatly appreciated.

Thanks

@cybermorgue
Copy link
Contributor Author

cybermorgue commented Jun 13, 2025
edited
Loading

Hi @DhiyaneshGeek,

I'm afraid it's not possible to provide documentation, setup instructions, or sample data for this finding. This was an IP Camera discovered during an external penetration test, meaning it's a physical device accessible from the internet, not a replicable environment or software that can be run locally.

This is the repo for the exploit in which the template is based: https://github.com/mcw0/DahuaConsole

I hope this clarifies the situation.

Thanks.

@cybermorgue
Copy link
Contributor Author

cybermorgue commented Jun 23, 2025

Hello.

More info?

Thank you.

@DhiyaneshGeek
Copy link
Member

DhiyaneshGeek commented Jun 23, 2025

Hi @cybermorgue

we are looking into this

Thanks for the script !

@DhiyaneshGeek DhiyaneshGeek added Done Ready to merge and removed waiting for more info labels Jun 24, 2025
@DhiyaneshGeek DhiyaneshGeek requested a review from pussycat0x June 24, 2025 05:36
@DhiyaneshGeek DhiyaneshGeek added the good first issue Good for newcomers label Jun 24, 2025
@DhiyaneshGeek DhiyaneshGeek changed the title Created CVE 2021 33045.yaml Created CVE-2021-33045.yaml (Dahua IPC/VTH/VTO - Authentication Bypass) KEV Jun 24, 2025
@DhiyaneshGeek
Copy link
Member

DhiyaneshGeek commented Jun 24, 2025

Hi @cybermorgue

i have made some changes to the template, let me know if it looks good !

Thank you so much for sharing this template with the community and contributing to this project 🍻

You can grab some cool PD stickers over here http://nux.gg/stickers 😄

You can join our discord server. It's a great place to connect with fellow contributors and stay updated with the latest developments. Thank you once again

@pussycat0x pussycat0x merged commit e77eb2b into projectdiscovery:main Jun 24, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pussycat0x pussycat0x pussycat0x approved these changes

Assignees

@DhiyaneshGeek DhiyaneshGeek

Labels

Done Ready to merge good first issue Good for newcomers

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cybermorgue @DhiyaneshGeek @pussycat0x @ritikchaddha