Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-7925

EPSS 80.41% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-7925

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
配置文件中存储口令
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款大华产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
大华DH-IPC-HDBW23A0RN-ZS等都是中国大华(DaHua)公司的摄像头产品。 多款大华产品中存在安全漏洞。攻击者可利用该漏洞获取敏感信息的访问权限。以下产品受到影响:大华DH-IPC-HDBW23A0RN-ZS;DH-IPC-HDBW13A0SN;DH-IPC-HDW1XXX;DH-IPC-HDW2XXX;DH-IPC-HDW4XXX;DH-IPC-HFW1XXX;DH-IPC-HFW2XXX;DH-IPC-HFW4XXX;DH-SD6CXX;DH-NVR1XXX;DH-HCVR4XXX;D
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras -

II. Public POCs for CVE-2017-7925

#POC DescriptionSource LinkShenlong Link
1A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-7925.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-7925

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-05-06 · 11 CVEs total

CVE-2017-6024多款Rockwell Automation产品安全漏洞
CVE-2017-6029Certec EDV GmbH atvise scada 跨站脚本漏洞
CVE-2017-6031Certec EDV GmbH atvise scada 安全漏洞
CVE-2017-7909Advantech B+B SmartWorx MESR901固件安全漏洞
CVE-2017-7911CyberVision Kaa IoT Platform 代码注入漏洞
CVE-2017-7921多款Hikvision产品安全漏洞
CVE-2017-7923多款Hikvision产品安全漏洞
CVE-2017-7927多款大华产品安全漏洞
CVE-2017-7929Advantech WebAccess 路径遍历漏洞
CVE-2017-8391CA Client Automation OS Installation Management组件安全漏洞

IV. Related Vulnerabilities

Same product: Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras
Same vendor: n/a
Same weakness: CWE-260

V. Comments for CVE-2017-7925

No comments yet

Leave a comment