High severity8.8NVD Advisory· Published Nov 13, 2017· Updated May 13, 2026
CVE-2017-9314
CVE-2017-9314
Description
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.
Affected products
23- cpe:2.3:o:dahuasecurity:nvr5464-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5464_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5208-8p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5208_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5432-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5432_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5416-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5416_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5464-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5464_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5432-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5432_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5416-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5416_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5232-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5232_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5216-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5216_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5232-8p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5232_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5216-8p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5216_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5232-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5232_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5216-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5216_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5208-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5208_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5816-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5816_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5832-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5832_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5864-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5864_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5864-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5864_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5832-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5832_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5816-16p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5816_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5424-24p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5424_eng_p_v2.616.0000.0.r.20171102
- cpe:2.3:o:dahuasecurity:nvr5224-24p-4ks2_firmware:*:*:*:*:*:*:*:*Range: <dh_nvr5224_eng_p_v2.616.0000.0.r.20171102
- Dahua Technologies/NVR50XX, VR52XX, VR54XX, VR58XXv5Range: Versions Build between 2013 and 2017/10
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dahuasecurity.com/annoucementsingle/security-advisory--authentication-vulnerability-found-in-some-dahua-nvr_14731_211.htmlnvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.