Lucene search

DahuaCVELIST:CVE-2024-39944

HistoryJul 31, 2024 - 3:13 a.m.

CVE-2024-39944

2024-07-3103:13:03

dahua

www.cve.org

dahua products

data packets

device crash

vulnerability

attackers

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

A vulnerability has been found in Dahua products.Attackers
can send carefully crafted data packets to the interface with vulnerabilities,
causing the device to crash.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "IPC-HX8XXX and NVR4XXX",
    "vendor": "Dahua",
    "versions": [
      {
        "status": "affected",
        "version": "IPC-HX8XXX and NVR4XXX Versions which Build time before 2024/2/2"
      }
    ]
  }
]

References

www.dahuasecurity.com/aboutUs/trustedCenter/details/768

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

Related for CVELIST:CVE-2024-39944