Lucene search

DahuaCVELIST:CVE-2024-39948

HistoryJul 31, 2024 - 3:40 a.m.

CVE-2024-39948

2024-07-3103:40:29

dahua

www.cve.org

dahua products

vulnerability

device crash

data packets

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "NVR4XXX",
    "vendor": "Dahua",
    "versions": [
      {
        "status": "affected",
        "version": "NVR4XXX Versions which Build time before 2023/12/13"
      }
    ]
  }
]

References

www.dahuasecurity.com/aboutUs/trustedCenter/details/768

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

Related for CVELIST:CVE-2024-39948