2 matches found
CVE-2017-3223
CVE-2017-3223 affects Dahua IP cameras via the Sonia web interface (/usr/bin/sonia). Older firmware (pre V2.400.0000.14.R.20170713) does not validate input length for the password field, enabling a remote, unauthenticated attacker to send crafted POST requests that may trigger out-of-bounds memor...
CVE-2017-7253
The CVE-2017-7253 entry concerns Dahua IP Camera devices (notably 3.200.0001.6). The vulnerability arises from credential misuse: an attacker can start with default low‑privilege credentials to enumerate users, then authenticate with admin credentials to obtain full control of the device. Exploit...