Vulnerabilities > Dahuasecurity > DHI Dss4004 S2 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-27 CVE-2022-45424 Missing Authentication for Critical Function vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.
network
low complexity
dahuasecurity CWE-306
5.3
5.3
2022-12-27 CVE-2022-45426 Files or Directories Accessible to External Parties vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unrestricted download of file.
network
low complexity
dahuasecurity CWE-552
6.5
6.5
2022-12-27 CVE-2022-45432 Unspecified vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated search for devices.
network
low complexity
dahuasecurity
5.3
5.3
2022-12-27 CVE-2022-45434 Unspecified vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server.
network
high complexity
dahuasecurity
5.9
5.9