Vulnerabilities > Dahuasecurity > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-31 | CVE-2024-39950 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products. | 9.8 |
| 2023-07-22 | CVE-2023-3836 | Unrestricted Upload of File with Dangerous Type vulnerability in Dahuasecurity Smart Parking Management A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. | 9.8 |
| 2021-09-15 | CVE-2021-33044 | Improper Authentication vulnerability in Dahuasecurity products The identity authentication bypass vulnerability found in some Dahua products during the login process. | 9.8 |
| 2021-09-15 | CVE-2021-33045 | Improper Authentication vulnerability in Dahuasecurity products The identity authentication bypass vulnerability found in some Dahua products during the login process. | 9.8 |
| 2017-03-30 | CVE-2017-7253 | Insecure Storage of Sensitive Information vulnerability in Dahuasecurity IP Camera Firmware 3.200.0001.6 Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. | 9.0 |
| 2017-03-09 | CVE-2017-6432 | Cleartext Transmission of Sensitive Information vulnerability in Dahuasecurity NVR Firmware 3.210.0001.10 An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. | 9.3 |
| 2017-02-27 | CVE-2017-6343 | Improper Authentication vulnerability in Dahuasecurity Camera Firmware, NVR Firmware and Smartpss Firmware The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117. | 9.3 |
| 2017-02-27 | CVE-2017-6342 | Improper Privilege Management vulnerability in Dahuasecurity Camera Firmware, NVR Firmware and Smartpss Firmware An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. | 10.0 |
| 2013-09-17 | CVE-2013-5754 | Permissions, Privileges, and Access Controls vulnerability in Dahuasecurity products The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving (1) ActiveX, (2) a standalone client, or (3) unspecified other vectors, a different vulnerability than CVE-2013-3612. | 10.0 |
| 2013-09-17 | CVE-2013-3614 | Permissions, Privileges, and Access Controls vulnerability in Dahuasecurity products Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack. | 9.3 |