A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Max CVSS
9.8
EPSS Score
2.58%
Published
2023-07-22
Updated
2024-03-21
Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.
Max CVSS
7.5
EPSS Score
0.09%
Published
2022-12-27
Updated
2023-01-05
Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules.
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-27
Updated
2023-01-05
Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files.
Max CVSS
7.2
EPSS Score
0.09%
Published
2022-12-27
Updated
2023-01-05
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-27
Updated
2023-01-05
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface (the credentials cannot be directly exploited).
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-27
Updated
2023-01-05
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet.
Max CVSS
7.4
EPSS Score
0.14%
Published
2022-06-28
Updated
2022-07-13
When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.
Max CVSS
7.4
EPSS Score
0.16%
Published
2022-06-28
Updated
2022-07-13
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.
Max CVSS
9.8
EPSS Score
0.24%
Published
2022-01-13
Updated
2022-01-25
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Max CVSS
10.0
EPSS Score
6.03%
Published
2021-09-15
Updated
2021-12-02
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
Max CVSS
10.0
EPSS Score
29.05%
Published
2021-09-15
Updated
2021-12-02
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.
Max CVSS
9.8
EPSS Score
0.22%
Published
2020-05-13
Updated
2020-05-18
Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.
Max CVSS
7.2
EPSS Score
0.10%
Published
2020-04-09
Updated
2021-04-19
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.
Max CVSS
8.1
EPSS Score
0.22%
Published
2020-05-13
Updated
2020-05-18
Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.
Max CVSS
8.8
EPSS Score
0.10%
Published
2019-09-18
Updated
2019-09-19
Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
Max CVSS
7.5
EPSS Score
0.10%
Published
2019-09-18
Updated
2021-07-21
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
Max CVSS
9.8
EPSS Score
0.25%
Published
2019-09-18
Updated
2019-09-19
Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-06-12
Updated
2019-06-17
Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.
Max CVSS
8.8
EPSS Score
0.10%
Published
2018-05-23
Updated
2019-10-03
Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.
Max CVSS
9.8
EPSS Score
0.60%
Published
2017-11-28
Updated
2019-10-03
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.
Max CVSS
8.8
EPSS Score
0.09%
Published
2017-11-13
Updated
2017-11-29
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without obtaining the actual password.
Max CVSS
7.5
EPSS Score
3.15%
Published
2017-05-06
Updated
2019-10-09
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.
Max CVSS
9.8
EPSS Score
42.59%
Published
2017-05-06
Updated
2019-10-09
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login.
Max CVSS
9.0
EPSS Score
0.10%
Published
2017-03-30
Updated
2019-10-03
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information.
Max CVSS
9.3
EPSS Score
0.16%
Published
2017-03-09
Updated
2019-10-03
34 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!