Vulnerabilities > Dahuasecurity > DHI Dss4004 S2 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-12-27 CVE-2022-45423 Missing Authentication for Critical Function vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials.
network
low complexity
dahuasecurity CWE-306
7.5
7.5
2022-12-27 CVE-2022-45425 Use of Hard-coded Credentials vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key.
network
low complexity
dahuasecurity CWE-798
7.5
7.5
2022-12-27 CVE-2022-45427 Unrestricted Upload of File with Dangerous Type vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unrestricted upload of file.
network
low complexity
dahuasecurity CWE-434
7.2
7.2
2022-12-27 CVE-2022-45429 Server-Side Request Forgery (SSRF) vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of server-side request forgery (SSRF).
network
low complexity
dahuasecurity CWE-918
7.5
7.5
2022-12-27 CVE-2022-45431 Unspecified vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server.
network
low complexity
dahuasecurity
7.5
7.5