Lucene search
K

21 matches found

CNNVD
CNNVD
added 2025/10/15 12:0 a.m.6 views

Dahua IPC和Dahua SD 安全漏洞

Dahua IPC and Dahua SD are both products of Dahua, a Chinese company.Dahua IPC is a series of industrial controllers from Dahua.Dahua SD is a series of PTZ dome cameras. A security vulnerability exists in the Dahua IPC and Dahua SD. The vulnerability originates from a third-party malicious attack...

6.8CVSS6.7AI score0.00275EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-15403

Malware in sbrugna...

10CVSS9.5AI score0.12757EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.7 views

Dahua Security Network Video Recorders Improper Input Validation (CVE-2024-39948)

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.5CVSS5.6AI score0.0056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.15 views

Dahua Security NVR NVR50XX, NVR52XX, NVR54XX, and NVR58XX Improper Authentication (CVE-2017-9314)

Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DHNVR5xxxEngPV2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message. This plugin only works with...

8.8CVSS7.3AI score0.00934EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.7 views

Dahua Security Network Video Recorders Improper Input Validation (CVE-2024-39949)

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.5CVSS5.6AI score0.0056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.11 views

Dahua Security Network Video Recorders Improper Input Validation (CVE-2024-39945)

A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash. This plugin only works with Tenable.ot. Please visit...

4.9CVSS5.6AI score0.00458EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.6 views

Dahua Security Network Video Recorders Improper Input Validation (CVE-2024-39946)

A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization. This plugin only works with Tenable.ot. Please visit...

7.2CVSS5.6AI score0.00437EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.8 views

Dahua Security Digital Video Recorders Credentials Management Errors (CVE-2013-3612)

Dahua DVR appliances have a hardcoded password for 1 the root account and 2 an unspecified backdoor account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving a ActiveX, b a standalone client, or c unknown other vectors. This plugin on...

10CVSS5.5AI score0.10298EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.5 views

Dahua Security Network Video Recorders Improper Input Validation (CVE-2024-39947)

A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash. This plugin only works with Tenable.ot. Please visit...

6.5CVSS5.6AI score0.00458EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.4 views

Dahua Security Digital Video Recorders Permissions, Privileges, and Access Controls (CVE-2013-5754)

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...

10CVSS5.5AI score0.10298EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.83 views

Dahua Security Multiple Products Improper Input Validation (CVE-2024-39944)

A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEV...

7.5CVSS5.6AI score0.0056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.58 views

Dahua Security Multiple Products Improper Input Validation (CVE-2024-39950)

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

9.8CVSS5.6AI score0.00492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.8 views

Dahua Security Cameras Allocation of Resources Without Limits or Throttling (CVE-2020-9500)

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

4.9CVSS5.8AI score0.01049EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.47 views

Dahua Security Cameras Improper Authentication (CVE-2021-33045)

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

10CVSS7.1AI score0.99556EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.24 views

Dahua Security Cameras Weak Password Recovery Mechanism for Forgotten Password (CVE-2017-9315)

Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by...

9.8CVSS7.4AI score0.01443EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.10 views

Dahua ASI7213X-T1 Unrestricted Upload of File with Dangerous Type (CVE-2022-30560)

When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash. This plugin only works with Tenable.ot. Please visit...

7.4CVSS7.1AI score0.00789EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.14 views

Dahua ASI7213X-T1 Generation of Error Message Containing Sensitive Information (CVE-2022-30562)

If the user enables the https function on the device, an attacker can modify the user's request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page. This plugin only works wit...

4.7CVSS5.8AI score0.00664EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.19 views

Dahua Security Cameras Unauthorized device timestamp modification (CVE-2022-30564)

Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time. This plugin only works with Tenable.ot. Please visit...

5.3CVSS6.1AI score0.00438EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.10 views

Dahua Security Cameras Use of Insufficiently Random Values (CVE-2020-9502)

Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device. This plugin only works with Tenable.ot. Please visit...

9.8CVSS7.4AI score0.01719EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.13 views

Dahua Security Cameras Cleartext Storage of Sensitive Information (CVE-2019-9681)

Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing firmware packages by specific means. Affected products include: IPC- HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-...

5.3CVSS6.1AI score0.00784EPSS
Exploits0References2
Rows per page
Query Builder