
CVE-2024-13130

Severity: High
SVRS: 45/100
CVSSv3: 4.3/10
EPSS: 0.00064/1

CVE-2024-13130 is a path traversal vulnerability in the web interface of Dahua IP cameras that could allow unauthorized access to sensitive files. It affects Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S devices up to version 20241222. An attacker could exploit it by manipulating the path used to reach the ../mtd/Config/Sha1Account1 file, leading to unauthorized file access. While the CVSS score is 4.3, indicating medium severity, the SOCRadar Vulnerability Risk Score (SVRS) is 45, suggesting a moderate level of risk. The 'In The Wild' tag means active exploitation is possible. This vulnerability highlights the importance of keeping Dahua IP camera firmware up to date to mitigate security risks. Because of the potential for unauthorized file access, organizations should prioritize patching this vulnerability to prevent data breaches or system compromise.

Tags: In The Wild, Exploit, Permissions-required, Third-party-advisory, Technical-description, Signature, Vdb-entry
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2025-04-08
2025-01-05

SOCRadar AI Insight

Description

CVE-2024-13130 affects Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z, and IPC-HDW1200S devices up to firmware version 20241222. The vulnerability allows attackers to exploit a path traversal flaw in the Web Interface component, specifically in the ../mtd/Config/Sha1Account1 file, enabling them to access and potentially modify sensitive data within the device. The vulnerability is rated as problematic with a CVSS score of 4.3, and an SVRS score of 43. While the SVRS score is not critical, the vulnerability has been reported as being exploited "In The Wild," making it a significant concern.

Key Insights

  • Exploitation: The CVE-2024-13130 vulnerability is actively exploited by attackers in the wild, highlighting the immediate need for mitigation.
  • Path Traversal: Attackers can exploit this vulnerability to bypass directory restrictions and gain unauthorized access to critical system files and potentially sensitive data.
  • Remote Exploitation: The vulnerability can be triggered remotely, meaning attackers do not need physical access to the affected devices.
  • Vendor Response: Despite the vulnerability's seriousness and public disclosure, Dahua has not yet responded to the issue, emphasizing the urgency for users to take action independently.

Mitigation Strategies

  • Firmware Updates: Immediately update the affected Dahua devices to the latest firmware version, if available, to patch the vulnerability.
  • Network Segmentation: Isolate affected devices from critical networks to limit the impact of a successful attack.
  • Firewall Rules: Configure robust firewall rules to block access to the vulnerable file and other sensitive directories.
  • Access Control: Implement strong access control measures to prevent unauthorized access to the device's web interface and restrict access to critical functions.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-13130 | Dahua IPC-HFW1200S up to 20241222 Web Interface Sha1Account1 path traversal
vuldb.com, 2025-01-04
CVE-2024-13130 | Dahua IPC-HFW1200S up to 20241222 Web Interface Sha1Account1 path traversal | A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. This vulnerability

Social Media

CVE-2024-13130 Remote Path Traversal Exploit in Dahua IP Cameras' Web Interface A vulnerability is in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z, and IPC-HDW1200S up to version 20241222. This is seen as p... https://t.co/BBPlRXF9qg
CVE-2024-13130 A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this is… https://t.co/2Iz2C6CSgq

Affected Software

No affected software found for this CVE

References

Reference | Link
https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4
https://vuldb.com/?ctiid.290204
https://vuldb.com/?id.290204
https://vuldb.com/?submit.464260
SUBMIT #464260 | INTELBRAS IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z, IPC-HDW1200S, VIP S3020 G2, VIP S4020 G2, VIP S4320 G2, VIP S4020 G3 WEBVERSION: 3.2.1.225946; WEBVERSION: 3.2.1.291804 PATH TRAVERSAL | https://vuldb.com/?submit.464260
VDB-290204 | CTI INDICATORS (IOB, IOC, TTP, IOA) | https://vuldb.com/?ctiid.290204
VDB-290204 | DAHUA IPC-HFW1200S WEB INTERFACE SHA1ACCOUNT1 PATH TRAVERSAL | https://vuldb.com/?id.290204

CWE Details

CWE ID | CWE Name | Description
CWE-23 | Relative Path Traversal | The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as .. that can resolve to a location that is outside of that directory.
CWE-24 | Path Traversal: '../filedir' | The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ../ sequences that can resolve to a location that is outside of that directory.
