CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33044

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score81.1750%
EPSS Percentile90.83th
PublishedSep 15, 2021
Last ModifiedJan 13, 2026

Vulnerability Description

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Affected Platforms (CPE)

πŸ’»
Dahuasecurity

Ipc Hum7xxx Firmware

< 2.820.0000000.5.r.210705
πŸ’»
Dahuasecurity

Ipc Hx3xxx Firmware

< 2.800.0000000.29.r.210630
πŸ’»
Dahuasecurity

Ipc Hx5xxx Firmware

< 2.820.0000000.18.r.210705
πŸ’»
Dahuasecurity

Sd1a1 Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Sd22 Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Sd49 Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Sd50 Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Sd52c Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Sd6al Firmware

< 2.812.0000007.0.r.210706
πŸ’»
Dahuasecurity

Tpc Bf1241 Firmware

< 2.630.0000000.6.r.210707
πŸ’»
Dahuasecurity

Tpc Bf2221 Firmware

< 2.630.0000000.10.r.210707
πŸ’»
Dahuasecurity

Tpc Bf5x01 Firmware

< 2.630.0000000.12.r.210707
πŸ’»
Dahuasecurity

Tpc Pt8x21b Firmware

< 2.630.0000000.10.r.210701
πŸ’»
Dahuasecurity

Tpc Sd2221 Firmware

<= 2.630.0000000.7.r.210707
πŸ’»
Dahuasecurity

Tpc Sd8x21 Firmware

< 2.630.0000000.9.r.210706
πŸ’»
Dahuasecurity

Vto 65xxx Firmware

< 4.300.0000004.0.r.210715
πŸ’»
Dahuasecurity

Vto 75x95x Firmware

< 4.300.0000003.0.r.210714
πŸ’»
Dahuasecurity

Vth 542xh Firmware

< 4.500.0000002.0.r.210715
πŸ’»
Dahuasecurity

Tpc Bf5x21 Firmware

< 2.630.0000000.8.r.210630

References & Advisories

πŸ”— http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html
πŸ”— http://seclists.org/fulldisclosure/2021/Oct/13
πŸ”— https://www.dahuasecurity.com/support/cybersecurity/details/957
πŸ”— http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html
πŸ”— http://seclists.org/fulldisclosure/2021/Oct/13
πŸ”— https://www.dahuasecurity.com/support/cybersecurity/details/957
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-33044

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...