Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dahuasecurity vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-3836
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can ...
Dahuasecurity Smart Parking Management
2 Github repositories
4.6
CVSSv3
CVE-2023-3121
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code of the file /ipms/imageConvert/image. The manipulation of the argument fileUrl leads to server-side request forgery. The exploit ...
Dahuasecurity Smart Parking Management
5.3
CVSSv3
CVE-2022-30564
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
Dahuasecurity Ipc-hf71242f-z-x Firmware
Dahuasecurity Ipc-hf7442f-z-x Firmware
Dahuasecurity Ipc-hf7842f-z-x Firmware
Dahuasecurity Ipc-hf5241f-ze Firmware
Dahuasecurity Ipc-hf5442f-ze Firmware
Dahuasecurity Ipc-hf5541f-ze Firmware
Dahuasecurity Ipc-hf5842f-ze Firmware
Dahuasecurity Sd5a225gb-hnr Firmware
Dahuasecurity Sd5a225gb-hnr-sl Firmware
Dahuasecurity Sd5a225xa-hnr Firmware
Dahuasecurity Sd5a225xa-hnr-sl Firmware
Dahuasecurity Sd5a232gb-hnr Firmware
Dahuasecurity Sd5a232xb-hnr Firmware
Dahuasecurity Sd5a232xb-hnr-ac Firmware
Dahuasecurity Sd5a232xb-hnr-p Firmware
Dahuasecurity Sd5a245gb-hnr Firmware
Dahuasecurity Sd5a245xa-hnr Firmware
Dahuasecurity Sd5a425ga-hnr Firmware
Dahuasecurity Sd5a425xa-hnr Firmware
Dahuasecurity Sd5a432gb-hnr Firmware
Dahuasecurity Sd5a445gb-hnr Firmware
Dahuasecurity Sd5a445xa-hnr Firmware
5.3
CVSSv3
CVE-2022-45424
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key. An attacker can obtain the AES crypto key by sending a specific crafted packet to the vulnerable interface.
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
7.5
CVSSv3
CVE-2022-45429
Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules.
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
7.5
CVSSv3
CVE-2022-45431
Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
7.5
CVSSv3
CVE-2022-45425
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability.
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
6.5
CVSSv3
CVE-2022-45426
Some Dahua software products have a vulnerability of unrestricted download of file. After obtaining the permissions of ordinary users, by sending a specific crafted packet to the vulnerable interface, an attacker can download arbitrary files.
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
5.3
CVSSv3
CVE-2022-45432
Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from...
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
3.7
CVSSv3
CVE-2022-45433
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could get the traceroute results.
Dahuasecurity Dhi-dss7016d-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware 8.1
Dahuasecurity Dhi-dss7016dr-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware 8.1
Dahuasecurity Dhi-dss4004-s2 Firmware 1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware 8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware 8.1
Dahuasecurity Dss Express 7.002.1760000.2
Dahuasecurity Dss Express 8.0.2
Dahuasecurity Dss Express 8.0.4
Dahuasecurity Dss Express 8.1
Dahuasecurity Dss Express 8.1.1
Dahuasecurity Dss Professional 7.002.1760000.2
Dahuasecurity Dss Professional 8.0.2
Dahuasecurity Dss Professional 8.0.4
Dahuasecurity Dss Professional 8.1
Dahuasecurity Dss Professional 8.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »