Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dahuasecurity dhi-dss7016d-s2 firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss7016d-s2 firmware 8.0.2 |
||
dahuasecurity dhi-dss7016d-s2 firmware 8.0.4 |
||
dahuasecurity dhi-dss7016d-s2 firmware 8.1 |
||
dahuasecurity dhi-dss7016dr-s2 firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss7016dr-s2 firmware 8.0.2 |
||
dahuasecurity dhi-dss7016dr-s2 firmware 8.0.4 |
||
dahuasecurity dhi-dss7016dr-s2 firmware 8.1 |
||
dahuasecurity dhi-dss4004-s2 firmware 1.001.0000001.2 |
||
dahuasecurity dhi-dss4004-s2 firmware 8.0.2 |
||
dahuasecurity dhi-dss4004-s2 firmware 8.0.4 |
||
dahuasecurity dhi-dss4004-s2 firmware 8.1 |
||
dahuasecurity dss express 7.002.1760000.2 |
||
dahuasecurity dss express 8.0.2 |
||
dahuasecurity dss express 8.0.4 |
||
dahuasecurity dss express 8.1 |
||
dahuasecurity dss express 8.1.1 |
||
dahuasecurity dss professional 7.002.1760000.2 |
||
dahuasecurity dss professional 8.0.2 |
||
dahuasecurity dss professional 8.0.4 |
||
dahuasecurity dss professional 8.1 |
||
dahuasecurity dss professional 8.1.1 |