Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dahuasecurity vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-9676
Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build prior to 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. A...
Dahuasecurity Ipc-hfw1xxx Firmware
Dahuasecurity Ipc-hdw1xxx Firmware
Dahuasecurity Ipc-hfw2xxx Firmware
5.9
CVSSv3
CVE-2017-6341
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interface...
Dahuasecurity Smartpss Firmware 1.16.1
Dahuasecurity Camera Firmware 2.400.0000.28.r
Dahuasecurity Nvr Firmware 3.210.0001.10
9.8
CVSSv3
CVE-2017-6342
An issue exists on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automat...
Dahuasecurity Smartpss Firmware 1.16.1
Dahuasecurity Camera Firmware 2.400.0000.28.r
Dahuasecurity Nvr Firmware 3.210.0001.10
8.1
CVSSv3
CVE-2017-6343
The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote malicious users to obtain login access by leveraging knowledge of the MD5 Admin Hash w...
Dahuasecurity Nvr Firmware 3.210.0001.10
Dahuasecurity Smartpss Firmware 1.16.1
Dahuasecurity Camera Firmware 2.400.0000.28.r
NA
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote malicious users to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
Dahuasecurity Dvr Firmware 2.608.0000.0
Dahuasecurity Dvr Firmware 2.608.gv00.0
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2017-3223
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the we...
Dahuasecurity Ip Camera Firmware
5.5
CVSSv3
CVE-2020-9501
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, re...
Dahuasecurity Web P2p
8.1
CVSSv3
CVE-2017-6432
An issue exists on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creat...
Dahuasecurity Nvr Firmware 3.210.0001.10
8.8
CVSSv3
CVE-2017-7253
Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During expl...
Dahuasecurity Ip Camera Firmware 3.200.0001.6
9.8
CVSSv3
CVE-2023-3836
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can ...
Dahuasecurity Smart Parking Management
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »