Vulnerabilities > Dahuasecurity > DHI Dss7016Dr S2 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-27	CVE-2022-45423	Missing Authentication for Critical Function vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. network low complexity dahuasecurity CWE-306	7.5
2022-12-27	CVE-2022-45425	Use of Hard-coded Credentials vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. network low complexity dahuasecurity CWE-798	7.5
2022-12-27	CVE-2022-45427	Unrestricted Upload of File with Dangerous Type vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unrestricted upload of file. network low complexity dahuasecurity CWE-434	7.2
2022-12-27	CVE-2022-45429	Server-Side Request Forgery (SSRF) vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of server-side request forgery (SSRF). network low complexity dahuasecurity CWE-918	7.5
2022-12-27	CVE-2022-45431	Unspecified vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. network low complexity dahuasecurity	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.