Vulnerabilities > Dahuasecurity > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-31 | CVE-2024-39944 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. | 7.5 |
| 2024-07-31 | CVE-2024-39946 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization. | 7.2 |
| 2024-07-31 | CVE-2024-39948 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. | 7.5 |
| 2024-07-31 | CVE-2024-39949 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. | 7.5 |
| 2022-12-27 | CVE-2022-45423 | Missing Authentication for Critical Function vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. | 7.5 |
| 2022-12-27 | CVE-2022-45425 | Use of Hard-coded Credentials vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. | 7.5 |
| 2022-12-27 | CVE-2022-45427 | Unrestricted Upload of File with Dangerous Type vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unrestricted upload of file. | 7.2 |
| 2022-12-27 | CVE-2022-45429 | Server-Side Request Forgery (SSRF) vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of server-side request forgery (SSRF). | 7.5 |
| 2022-12-27 | CVE-2022-45431 | Unspecified vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. | 7.5 |
| 2022-06-28 | CVE-2022-30560 | Unspecified vulnerability in Dahuasecurity products When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash. | 7.4 |