12 matches found
CVE-2026-29115
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...
PT-2026-26031
A vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker with physical access to the device may gain access to a restricted shell via the serial port, and bypasses the shell's authentication mechanism to escalate privileges...
EUVD-2017-18251
Malware in sbrugna...
CVE-2022-45434
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP...
CVE-2024-13130 Dahua IPC-HFW1200S Web Interface Sha1Account1 path traversal
A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to...
CVE-2024-39947
A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...
Dahua NVR 安全漏洞
Dahua NVR is a series of network video recorders from Dahua China. A security vulnerability exists in the Dahua NVR4XXX. An attacker can send a carefully constructed packet to the vulnerable interface, causing the device to crash...
CVE-2022-45431
Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server...
CVE-2022-45434
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP...
CVE-2022-45432
Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Serve...
PT-2022-27507 · Dahua · Dahua
Name of the Vulnerable Software and Affected Versions: Dahua software products affected versions not specified Description: The issue allows an attacker to obtain the AES crypto key by sending a specific crafted packet to the vulnerable interface. This is due to a vulnerability of unauthenticated...
Dahua software products 访问控制错误漏洞
Dahua software products are a family of applications from the Chinese company Dahua. A security vulnerability exists in several Dahua software products that stems from their unauthenticated MQTT credential requests that allow an attacker to obtain encrypted MQTT credentials which cannot be direct...