Thermofisher dataTaker – Insecure by Design – CVE-2017-11349

Introduction Thermofisher dataTaker DT8x devices offer little security, and clear text configuration visible to users without any log in process. The products website: http://www.datataker.com/ Vulnerable Versions While only DT8x devices have been inspected, it would be unlikely that other models are not also affected by this design issue. Only Firmware 1.72.007 was observed in the […]

Read More Thermofisher dataTaker – Insecure by Design – CVE-2017-11349

Dahua NVR – Auth Bypass – CVE-2017-6432

Introduction After discovering the Exposures identified here I decided to try to inject a new user into the system by modifying packets in the TCP Stream Disclosure Timeline 2017-02-24: Vulnerability Discovered 2017-03-02: Proof of Concept Written 2017-03-02: Dahua Contacted with plan to disclose on March 9th unless they wished otherwise. 2017-03-07: Dahua Responded with timeline […]

Read More Dahua NVR – Auth Bypass – CVE-2017-6432

Dahua NVR – Multiple Exposures (CVE-2017-6341 CVE-2017-6342 CVE-2017-6343)

Introduction Responsible Disclosure Timeline. 2016-10-10: Sent to both the Australian Importer and Dahua, everything mentioned here plus more. The Importer was also called to discuss the issues. 2016-10-17 (approx): Followed up verbally with the importer a couple weeks later (phone). 2016-11-14: Contacted both the Importer and Dahua for an update. Apart from when I rang […]

Read More Dahua NVR – Multiple Exposures (CVE-2017-6341 CVE-2017-6342 CVE-2017-6343)