CyberSec.Space Logo
Back to CVE Browser

CVE-2021-33045

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score54.8410%
EPSS Percentile86.85th
PublishedSep 15, 2021
Last ModifiedJan 13, 2026

Vulnerability Description

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Affected Platforms (CPE)

πŸ’»
Dahuasecurity

Ipc Hum7xxx Firmware

< 2.820.0000000.5.r.210705
πŸ’»
Dahuasecurity

Ipc Hx3xxx Firmware

< 2.800.0000000.29.r.210630
πŸ’»
Dahuasecurity

Ipc Hx5xxx Firmware

< 2.820.0000000.5.r.210705
πŸ’»
Dahuasecurity

Nvr 1xxx Firmware

< 4.001.0000005.1.r.210709
πŸ’»
Dahuasecurity

Nvr 2xxx Firmware

< 4.001.0000000.1.r.210710
πŸ’»
Dahuasecurity

Nvr 4xxx Firmware

< 4.001.0000005.1.r.210713
πŸ’»
Dahuasecurity

Nvr 5xxx Firmware

< 4.001.0000000.0.r.210710
πŸ’»
Dahuasecurity

Nvr 6xx Firmware

< 4.001.0000001.1.r.210716
πŸ’»
Dahuasecurity

Vth 542xh Firmware

< 4.500.0000002.0.r.210715
πŸ’»
Dahuasecurity

Vto 65xxx Firmware

< 4.300.0000004.0.r.210715
πŸ’»
Dahuasecurity

Vto 75x95x Firmware

< 4.300.0000003.0.r.210714
πŸ’»
Dahuasecurity

Xvr 4x04 Firmware

All versions
πŸ’»
Dahuasecurity

Xvr 4x08 Firmware

< 4.001.0000001.1.r.210709
πŸ’»
Dahuasecurity

Xvr 4x04 Firmware

< 4.001.0000001.1.r.210709
πŸ’»
Dahuasecurity

Xvr 5x04 Firmware

< 4.001.0000003.1.r.210710
πŸ’»
Dahuasecurity

Xvr 5x08 Firmware

< 4.001.0000003.1.r.210710
πŸ’»
Dahuasecurity

Xvr 5x16 Firmware

< 4.001.0000003.1.r.210710
πŸ’»
Dahuasecurity

Xvr 7x16 Firmware

< 4.001.0000003.1.r.210710
πŸ’»
Dahuasecurity

Xvr 7x32 Firmware

< 4.001.0000003.1.r.210710

References & Advisories

πŸ”— http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html
πŸ”— http://seclists.org/fulldisclosure/2021/Oct/13
πŸ”— https://www.dahuasecurity.com/support/cybersecurity/details/957
πŸ”— http://packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html
πŸ”— http://seclists.org/fulldisclosure/2021/Oct/13
πŸ”— https://www.dahuasecurity.com/support/cybersecurity/details/957
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-33045

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...