Vulnerabilities > Dahuasecurity > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-31 CVE-2024-39950 Unspecified vulnerability in Dahuasecurity products
A vulnerability has been found in Dahua products.
network
low complexity
dahuasecurity
critical
 9.8
9.8
2023-07-22 CVE-2023-3836 Unspecified vulnerability in Dahuasecurity Smart Parking Management
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713.
network
low complexity
dahuasecurity
critical
 9.8
9.8
2022-01-13 CVE-2021-33046 Improper Authentication vulnerability in Dahuasecurity products
Some Dahua products have access control vulnerability in the password reset process.
network
low complexity
dahuasecurity CWE-287
critical
 9.8
9.8
2021-09-15 CVE-2021-33044 Improper Authentication vulnerability in Dahuasecurity products
The identity authentication bypass vulnerability found in some Dahua products during the login process.
network
low complexity
dahuasecurity CWE-287
critical
 9.8
9.8
2021-09-15 CVE-2021-33045 Improper Authentication vulnerability in Dahuasecurity products
The identity authentication bypass vulnerability found in some Dahua products during the login process.
network
low complexity
dahuasecurity CWE-287
critical
 9.8
9.8
2020-05-13 CVE-2020-9502 Use of Insufficiently Random Values vulnerability in Dahuasecurity products
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities.
network
low complexity
dahuasecurity CWE-330
critical
 9.8
9.8
2019-09-18 CVE-2019-9677 Classic Buffer Overflow vulnerability in Dahuasecurity products
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets.
network
low complexity
dahuasecurity CWE-120
critical
 9.8
9.8
2018-07-24 CVE-2017-3223 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dahuasecurity IP Camera Firmware 2.400.0000.14.R.20170713/3.200.0001.6
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow.
network
low complexity
dahuasecurity CWE-119
critical
 9.8
9.8
2017-11-28 CVE-2017-9315 Unspecified vulnerability in Dahuasecurity products
Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password.
network
low complexity
dahuasecurity
critical
 9.8
9.8
2017-05-06 CVE-2017-7925 Insufficiently Protected Credentials vulnerability in Dahuasecurity products
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices.
network
low complexity
dahuasecurity CWE-522
critical
 9.8
9.8