Vulnerabilities > Dahuasecurity > IPC Hfw2X2X Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-09-18 CVE-2019-9677 Classic Buffer Overflow vulnerability in Dahuasecurity products
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets.
network
low complexity
dahuasecurity CWE-120
7.5
2019-09-18 CVE-2019-9678 Improper Input Validation vulnerability in Dahuasecurity products
Some Dahua products have the problem of denial of service during the login process.
network
low complexity
dahuasecurity CWE-20
5.0
2019-09-18 CVE-2019-9679 Incorrect Default Permissions vulnerability in Dahuasecurity products
Some of Dahua's Debug functions do not have permission separation.
network
low complexity
dahuasecurity CWE-276
6.5
2019-09-18 CVE-2019-9680 Information Exposure vulnerability in Dahuasecurity products
Some Dahua products have information leakage issues.
network
low complexity
dahuasecurity CWE-200
5.0
2019-09-17 CVE-2019-9681 Missing Encryption of Sensitive Data vulnerability in Dahuasecurity products
Online upgrade information in some firmware packages of Dahua products is not encrypted.
network
low complexity
dahuasecurity CWE-311
5.0