{"id":226,"date":"2015-08-22T01:42:29","date_gmt":"2015-08-22T01:42:29","guid":{"rendered":"http:\/\/dahua.evosec.eu\/?page_id=226"},"modified":"2016-09-11T17:47:32","modified_gmt":"2016-09-11T17:47:32","slug":"device-security-assessment","status":"publish","type":"page","link":"https:\/\/dahua.evosec.eu\/ja\/device-security-assessment\/","title":{"rendered":"Device Security Assessment &amp; Enforcement"},"content":{"rendered":"<div><i>Update 25 September, 2015<\/i><br \/>\r\nFor now, we have identified bugs, developed a patch(will be available to most DAHUA-based products) and also solutions for recovering the device for situations where:<\/p>\r\n<ul>\r\n<li>Device stops responding, recording or can&#8217;t be accessed via Internet while directly connected or through PPPoE<\/li>\r\n<li>Device still records, but you cannot access it via Internet<\/li>\r\n<li>Device displays a &#8220;System has been hacked&#8221;, &#8220;Device has been hacked&#8221;, &#8220;DVR has been hacked&#8221; or other messages and the <strong>admin<\/strong> account has no rights<\/li>\r\n<\/ul>\r\n<\/div>\r\n<hr \/>\r\n<div><i>Update 1 September, 2015<\/i><br \/>\r\nWe have developed custom firmware(s) for old devices that are prone to telnet(port 23)->root username attacks(via default, unchangeable <strong>vizxv<\/strong> password). We are able to customize\/patch almost any old firmware with a secure password that you provide.<\/p>\r\n<p>Why? Because using root&#038;<strong>vizxv<\/strong> password devices are vulnerable to data leaks(including several, clear-text stored credentials), record(s) deletion, halt of operation(for at least 4 minutes), reset of configuration ect.<\/p>\r\n<div class=\"panel panel-default\">\r\n<div class=\"panel-heading\">Some affected models<\/div>\r\n<div class=\"panel-body\">\r\nDVR0404HE-AN, DVR0404HE-AS, DVR0404HF-AN, DVR0404HF-AS, DVR0404HF-AT, DVR0404HF-U, DVR0404LE-AN, DVR0404LE-AS, DVR0404LF-A, DVR0404LF-AS, DVR0404LF-AST, DVR0404LF-L, DVR0404LF-S, DVR0804HF-U, DVR0804LE-AS, DVR0804LF-A, DVR0804LF-AS, DVR0804LF-AST, DVR0804LF-L, DVR0804LF-S, DVR1604HF-L-E, DVR1604HF-S-E, DVR1604HF-U, DVR1604LE-AS, DVR1604LE-SL, DVR1604LF-A, DVR1604LF-AE, DVR1604LF-AS, DVR1604LF-AST, DVR1604LF-L, DVR1604LF-S, DVR3108H, DVR310XE, DVR3116E, DVR3116H\r\n  <\/div>\r\n<\/div>\r\n<hr \/>\r\n<div>Some DVRs, NVRs (and other embedded security or monitoring devices) can and might be compromised by different security problems. For those, we will remotely-assess your current device&#8217;s security and issue a report.\r\n<\/div>\r\n<\/p>\r\n<div><strong>Tip:<\/strong> This feature is currently under development.<br \/>\r\nWe will be doing #pentesting and some #hardwarefingerprinting. We will also use common #CVEs available and some inside-developed tools. We will present a statistic of vulnerable devices in the near future.\r\n<\/div>","protected":false},"excerpt":{"rendered":"Update 25 September, 2015 For now, we have identified bugs, developed a patch(will be available to most DAHUA-based products) and also solutions for recovering the device for situations where: Device stops responding, recording or can&#8217;t be accessed via Internet while directly connected or through PPPoE Device still records, but you cannot access it via Internet&hellip; <a class=\"more-link\" href=\"https:\/\/dahua.evosec.eu\/ja\/device-security-assessment\/\">Continue Reading Device Security Assessment &amp; Enforcement<\/a>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-226","page","type-page","status-publish","hentry"],"translation":{"provider":"WPGlobus","version":"3.0.1","language":"ja","enabled_languages":["en","da","de","es","fi","fr","it","hu","nl","no","pt","pl","ru","sv","ja"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"da":{"title":true,"content":true,"excerpt":false},"de":{"title":true,"content":true,"excerpt":false},"es":{"title":true,"content":true,"excerpt":false},"fi":{"title":true,"content":true,"excerpt":false},"fr":{"title":true,"content":true,"excerpt":false},"it":{"title":true,"content":true,"excerpt":false},"hu":{"title":true,"content":true,"excerpt":false},"nl":{"title":true,"content":true,"excerpt":false},"no":{"title":true,"content":true,"excerpt":false},"pt":{"title":true,"content":true,"excerpt":false},"pl":{"title":true,"content":true,"excerpt":false},"ru":{"title":true,"content":true,"excerpt":false},"sv":{"title":true,"content":true,"excerpt":false},"ja":{"title":false,"content":false,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/\" \/>\n<meta property=\"og:site_name\" content=\"\u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/euroevosolutions\" \/>\n<meta property=\"article:modified_time\" content=\"2016-09-11T17:47:32+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@evosec_eu\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"22 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\",\"url\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\",\"name\":\"- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/#website\"},\"datePublished\":\"2015-08-22T01:42:29+00:00\",\"dateModified\":\"2016-09-11T17:47:32+00:00\",\"description\":\"\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/dahua.evosec.eu\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/#website\",\"url\":\"https:\\\/\\\/dahua.evosec.eu\\\/\",\"name\":\"\u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8\",\"description\":\"Support, Integration &amp; Automation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/dahua.evosec.eu\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ja\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","og_locale":"ja_JP","og_type":"article","og_title":"- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8","og_url":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","og_site_name":"\u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8","article_publisher":"https:\/\/www.facebook.com\/euroevosolutions","article_modified_time":"2016-09-11T17:47:32+00:00","twitter_card":"summary_large_image","twitter_site":"@evosec_eu","twitter_misc":{"Est. reading time":"22 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","url":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","name":"- \u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8","isPartOf":{"@id":"https:\/\/dahua.evosec.eu\/#website"},"datePublished":"2015-08-22T01:42:29+00:00","dateModified":"2016-09-11T17:47:32+00:00","description":"","breadcrumb":{"@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dahua.evosec.eu\/"},{"@type":"ListItem","position":2,"name":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si"}]},{"@type":"WebSite","@id":"https:\/\/dahua.evosec.eu\/#website","url":"https:\/\/dahua.evosec.eu\/","name":"\u30d7\u30ec\u30df\u30a2\u30e0 \u30c0\u30fc\u30d5\u30a2\u88fd\u54c1\u306e\u6280\u8853\u30b5\u30dd\u30fc\u30c8","description":"Support, Integration &amp; Automation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dahua.evosec.eu\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"}]}},"_links":{"self":[{"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/pages\/226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/comments?post=226"}],"version-history":[{"count":0,"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/pages\/226\/revisions"}],"wp:attachment":[{"href":"https:\/\/dahua.evosec.eu\/ja\/wp-json\/wp\/v2\/media?parent=226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}