Known Vulnerabilities for products from Dahuasecurity
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Dahuasecurity".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Dahuasecurity can be found at device.report : Dahuasecurity
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-33046 | Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability... | 9.8 - CRITICAL | 2022-01-13 | 2022-01-25 |
| CVE-2021-33045 | The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass ... | 9.8 - CRITICAL | 2021-09-15 | 2021-12-02 |
| CVE-2021-33044 | The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass ... | 9.8 - CRITICAL | 2021-09-15 | 2021-12-02 |
| CVE-2020-9502 | Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user acce... | 9.8 - CRITICAL | 2020-05-13 | 2020-05-18 |
| CVE-2020-9501 | Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate... | 5.5 - MEDIUM | 2020-05-13 | 2021-07-21 |
| CVE-2020-9500 | Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker ... | 4.9 - MEDIUM | 2020-04-09 | 2021-07-21 |
| CVE-2020-9499 | Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends... | 7.2 - HIGH | 2020-04-09 | 2021-04-19 |
| CVE-2019-9682 | Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible w... | 8.1 - HIGH | 2020-05-13 | 2020-05-18 |
| CVE-2019-9681 | Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this informatio... | 5.3 - MEDIUM | 2019-09-17 | 2020-08-24 |
| CVE-2019-9680 | Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the ... | 5.3 - MEDIUM | 2019-09-18 | 2021-07-21 |
| CVE-2019-9679 | Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logg... | 8.8 - HIGH | 2019-09-18 | 2019-09-19 |
| CVE-2019-9678 | Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by... | 7.5 - HIGH | 2019-09-18 | 2021-07-21 |
| CVE-2019-9677 | The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflo... | 9.8 - CRITICAL | 2019-09-18 | 2019-09-19 |
| CVE-2019-9676 | Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11.... | 7.8 - HIGH | 2019-06-12 | 2019-06-17 |
| CVE-2017-9317 | Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain a... | 8.8 - HIGH | 2018-05-23 | 2019-10-03 |
| CVE-2017-9316 | Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability ... | 6.5 - MEDIUM | 2017-11-27 | 2017-12-20 |
| CVE-2017-9315 | Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password f... | 9.8 - CRITICAL | 2017-11-28 | 2019-10-03 |
| CVE-2017-9314 | Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng... | 8.8 - HIGH | 2017-11-13 | 2017-11-29 |
| CVE-2017-7927 | A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW... | 7.3 - HIGH | 2017-05-06 | 2019-10-09 |
| CVE-2017-7925 | A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IP... | 9.8 - CRITICAL | 2017-05-06 | 2019-10-09 |
Known software with vulnerabilities from Dahuasecurity
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Dahuasecurity | Dvr Firmware | 2.608.0000.0 |
| Hardware | Dahuasecurity | Dvr0404hd-a | - |
| Hardware | Dahuasecurity | Dvr0404hd-l | - |
| Hardware | Dahuasecurity | Dvr0404hd-s | - |
| Hardware | Dahuasecurity | Dvr0404hd-u | - |
| Hardware | Dahuasecurity | Dvr0404hf-a-e | - |
| Hardware | Dahuasecurity | Dvr0404hf-al-e | - |
| Hardware | Dahuasecurity | Dvr0404hf-s-e | - |
| Hardware | Dahuasecurity | Dvr0404hf-u-e | - |
| Hardware | Dahuasecurity | Dvr0804 | - |
| Hardware | Dahuasecurity | Dvr0804hd-l | - |
| Hardware | Dahuasecurity | Dvr0804hd-s | - |
| Hardware | Dahuasecurity | Dvr0804hf-a-e | - |
| Hardware | Dahuasecurity | Dvr0804hf-al-e | - |
| Hardware | Dahuasecurity | Dvr0804hf-l-e | - |
| Hardware | Dahuasecurity | Dvr0804hf-s-e | - |
| Hardware | Dahuasecurity | Dvr0804hf-u-e | - |
| Hardware | Dahuasecurity | Dvr1604hd-l | - |
| Hardware | Dahuasecurity | Dvr1604hd-s | - |
| Hardware | Dahuasecurity | Dvr1604hf-a-e | - |