CVE-2021-33045

unknown KEV

Published 2024-08-21 · Modified 2024-08-21

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.

CISA KEV

Vendor: Dahua
Product: IP Camera Firmware
Due date: 2024-09-11

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582; https://nvd.nist.gov/vuln/detail/CVE-2021-33045

Exploits

References

https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582; https://nvd.nist.gov/vuln/detail/CVE-2021-33045

Verify integrity in audit chain (admin only). AS-IS.