Vendor coverage
Track published CVEs, severity trends, and remediation context for dahuasecurity products.
Search results
Showing 1-50 of 50 vulnerabilities.
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
58 affected product entries
CVSS
8.6
HIGH
Published
Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
56 affected product entries
CVSS
7.5
HIGH
Published
Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
56 affected product entries
CVSS
7.5
HIGH
Published
Jul 31, 2024
A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
56 affected product entries
CVSS
6.5
MEDIUM
Published
Jul 31, 2024
A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
56 affected product entries
CVSS
6.0
MEDIUM
Published
Jul 31, 2024
A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
56 affected product entries
CVSS
4.9
MEDIUM
Published
Jul 31, 2024
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
Affected vendor
dahuasecurityAffected product
nvr4104-4ks2\/l firmwareCoverage
58 affected product entries
CVSS
7.5
HIGH
Published
Jul 31, 2024
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected vendor
dahuasecurityAffected product
smart parking managementCoverage
Single affected product entry
CVSS
6.3
MEDIUM
Published
Jul 22, 2023
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code of the file /ipms/imageConvert/image. The manipulation of the argument fileUrl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230800. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected vendor
dahuasecurityAffected product
smart parking managementCoverage
Single affected product entry
CVSS
3.5
LOW
Published
Jun 6, 2023
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
Affected vendor
dahuasecurityAffected product
ipc-hf71242f-z-x firmwareCoverage
97 affected product entries
CVSS
5.3
MEDIUM
Published
Feb 9, 2023
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP request attack to the designated target host.
Affected vendor
dahuasecurityAffected product
dhi-dss7016d-s2 firmwareCoverage
22 affected product entries
CVSS
5.9
MEDIUM
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could get the traceroute results.
Affected vendor
dahuasecurityAffected product
dhi-dss7016d-s2 firmwareCoverage
22 affected product entries
CVSS
3.7
LOW
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.
Affected vendor
dahuasecurityAffected product
dhi-dss7016d-s2 firmwareCoverage
22 affected product entries
CVSS
5.3
MEDIUM
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.
Affected vendor
dahuasecurityAffected product
dhi-dss7016d-s2 firmwareCoverage
22 affected product entries
CVSS
7.5
HIGH
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service.
CVSS
3.7
LOW
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules.
CVSS
7.5
HIGH
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information.
CVSS
2.7
LOW
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files.
CVSS
7.2
HIGH
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unrestricted download of file. After obtaining the permissions of ordinary users, by sending a specific crafted packet to the vulnerable interface, an attacker can download arbitrary files.
CVSS
6.5
MEDIUM
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.
CVSS
7.5
HIGH
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key. An attacker can obtain the AES crypto key by sending a specific crafted packet to the vulnerable interface.
CVSS
5.3
MEDIUM
Published
Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface (the credentials cannot be directly exploited).
CVSS
7.5
HIGH
Published
Dec 27, 2022
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet.
Affected vendor
dahuasecurityAffected product
ipc-hdbw2431e-s-s2 firmwareCoverage
41 affected product entries
CVSS
7.4
HIGH
Published
Jun 28, 2022
If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page.
Affected vendor
dahuasecurityAffected product
ipc-hdbw2431e-s-s2 firmwareCoverage
41 affected product entries
CVSS
4.7
MEDIUM
Published
Jun 28, 2022
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet.
Affected vendor
dahuasecurityAffected product
ipc-hdbw2431e-s-s2 firmwareCoverage
41 affected product entries
CVSS
5.9
MEDIUM
Published
Jun 28, 2022
When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.
Affected vendor
dahuasecurityAffected product
ipc-hdbw2431e-s-s2 firmwareCoverage
41 affected product entries
CVSS
7.4
HIGH
Published
Jun 28, 2022
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.
CVSS
9.8
CRITICAL
Published
Jan 13, 2022
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
CVSS
9.8
CRITICAL
Published
Sep 15, 2021
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
CVSS
9.8
CRITICAL
Published
Sep 15, 2021
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.
CVSS
9.8
CRITICAL
Published
May 13, 2020
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in additional consumption of platform server resources. Versions with Build time before April 2020 are affected.
CVSS
5.5
MEDIUM
Published
May 13, 2020
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.
CVSS
8.1
HIGH
Published
May 13, 2020
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down.
CVSS
4.9
MEDIUM
Published
Apr 9, 2020
Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.
CVSS
7.2
HIGH
Published
Apr 9, 2020
Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
CVSS
5.3
MEDIUM
Published
Sep 18, 2019
Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.
CVSS
8.8
HIGH
Published
Sep 18, 2019
Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
CVSS
7.5
HIGH
Published
Sep 18, 2019
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
CVSS
9.8
CRITICAL
Published
Sep 18, 2019
Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing firmware packages by specific means. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.
CVSS
5.3
MEDIUM
Published
Sep 17, 2019
Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.
CVSS
7.8
HIGH
Published
Jun 12, 2019
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'password' field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera's Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803.
CVSS
9.8
CRITICAL
Published
Jul 24, 2018
Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.
CVSS
8.8
HIGH
Published
May 23, 2018
Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.
CVSS
9.8
CRITICAL
Published
Nov 28, 2017
Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device to receive only specific data (one direction, no transmit) and therefore it was not involved in any instance of collecting user privacy data or allowing remote code execution.
CVSS
6.5
MEDIUM
Published
Nov 27, 2017
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.
Affected vendor
dahuasecurityAffected product
nvr5464-16p-4ks2 firmwareCoverage
22 affected product entries
CVSS
8.8
HIGH
Published
Nov 13, 2017
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without obtaining the actual password.
Affected vendor
dahuasecurityAffected product
dh-ipc-hdbw23a0rn-zs firmwareCoverage
15 affected product entries
CVSS
7.3
HIGH
Published
May 6, 2017
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.
Affected vendor
dahuasecurityAffected product
dh-ipc-hdbw23a0rn-zs firmwareCoverage
15 affected product entries
CVSS
9.8
CRITICAL
Published
May 6, 2017
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login.
CVSS
8.8
HIGH
Published
Mar 30, 2017
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information.
CVSS
8.1
HIGH
Published
Mar 9, 2017
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117.
CVSS
8.1
HIGH
Published
Feb 27, 2017
