Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface (the credentials cannot be directly exploited).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dahuasecurity dss express 7.002.1760000.2 |
||
dahuasecurity dss express 8.0.2 |
||
dahuasecurity dss express 8.0.4 |
||
dahuasecurity dss express 8.1 |
||
dahuasecurity dss express 8.1.1 |
||
dahuasecurity dss professional 7.002.1760000.2 |
||
dahuasecurity dss professional 8.0.2 |
||
dahuasecurity dss professional 8.0.4 |
||
dahuasecurity dss professional 8.1 |
||
dahuasecurity dss professional 8.1.1 |
||
dahuasecurity dhi-dss7016d-s2_firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss7016d-s2_firmware 8.0.2 |
||
dahuasecurity dhi-dss7016d-s2_firmware 8.0.4 |
||
dahuasecurity dhi-dss7016d-s2_firmware 8.1 |
||
dahuasecurity dhi-dss7016dr-s2_firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss7016dr-s2_firmware 8.0.2 |
||
dahuasecurity dhi-dss7016dr-s2_firmware 8.0.4 |
||
dahuasecurity dhi-dss7016dr-s2_firmware 8.1 |
||
dahuasecurity dhi-dss4004-s2_firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss4004-s2_firmware 8.0.2 |
||
dahuasecurity dhi-dss4004-s2_firmware 8.0.4 |
||
dahuasecurity dhi-dss4004-s2_firmware 8.1 |