cve/2021/CVE-2021-33044.md

CVE-2021-33044

Description

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

POC

Reference

• http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html
• http://seclists.org/fulldisclosure/2021/Oct/13

Github

• https://github.com/20142995/Goby
• https://github.com/APPHIK/cam
• https://github.com/APPHIK/camz
• https://github.com/APPHIK/ip
• https://github.com/APPHIK/ipp
• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates
• https://github.com/Alonzozzz/alonzzzo
• https://github.com/HimmelAward/Goby_POC
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/NaInSec/CVE-PoC-in-GitHub
• https://github.com/Nxychx/TVT-NVR
• https://github.com/SYRTI/POC_to_review
• https://github.com/Stealzoz/steal
• https://github.com/WhaleFell/CameraHack
• https://github.com/WhooAmii/POC_to_review
• https://github.com/Z0fhack/Goby_POC
• https://github.com/blkgzs/CameraHack
• https://github.com/bnhjuy77/tomde
• https://github.com/bp2008/DahuaLoginBypass
• https://github.com/bp2008/Index
• https://github.com/dorkerdevil/CVE-2021-33044
• https://github.com/haingn/LoHongCam-CVE-2021-33044
• https://github.com/jorhelp/Ingram
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/mcw0/DahuaConsole
• https://github.com/mcw0/PoC
• https://github.com/naycha/NVR-CONFIG
• https://github.com/naycha/TVT-NVR
• https://github.com/naycha/TVT-NVR-config
• https://github.com/naycha/TVT-config
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/readloud/PoC
• https://github.com/soosmile/POC
• https://github.com/trhacknon/Pocingit
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/zecool/cve
• https://github.com/zhanwang110/Ingram