N/A

A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without obtaining the actual password.

N/A

在认证机制中使用口令哈希代替口令

多款大华产品安全漏洞

大华DH-IPC-HDBW23A0RN-ZS等都是中国大华（DaHua）公司的摄像头产品。 多款大华产品中存在安全漏洞，该漏洞源于程序使用密码散列替代了密码来执行身份验证。攻击者可利用该漏洞绕过身份验证。以下产品受到影响：大华DH-IPC-HDBW23A0RN-ZS；DH-IPC-HDBW13A0SN；DH-IPC-HDW1XXX；DH-IPC-HDW2XXX；DH-IPC-HDW4XXX；DH-IPC-HFW1XXX；DH-IPC-HFW2XXX；DH-IPC-HFW4XXX；DH-SD6CXX；DH-

N/A

N/A