CVE-2021-33044
CRITICALThe identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
EPSS Exploitation Probability
EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.
Description
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Affected Products
ipc-hum7xxx firmwaredahuasecurityipc-hx3xxx firmwaredahuasecurityipc-hx5xxx firmwaredahuasecuritysd1a1 firmwaredahuasecuritysd6al firmwaredahuasecuritysd22 firmwaredahuasecurityResearch use only. For defensive security, authorized penetration testing, and academic research only. Never execute exploit code against systems without explicit written authorization.
The identity authentication bypass vulnerability found in some Dahua pro…
The identity authentication bypass vulnerability found in some Dahua pro…
The identity authentication bypass vulnerability found in some Dahua pro…
The identity authentication bypass vulnerability found in some Dahua pro…
The identity authentication bypass vulnerability found in some Dahua pro…
Frequently Asked Questions
Is CVE-2021-33044 in your stack?
O3 detects CVE-2021-33044 across dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.