Vulnerabilities > Dahuasecurity > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-28 | CVE-2022-30563 | Unspecified vulnerability in Dahuasecurity products When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet. | 7.4 |
| 2020-05-13 | CVE-2019-9682 | Incorrect Default Permissions vulnerability in Dahuasecurity products Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. | 8.1 |
| 2020-04-09 | CVE-2020-9499 | Classic Buffer Overflow vulnerability in Dahuasecurity products Some Dahua products have buffer overflow vulnerabilities. | 7.2 |
| 2019-09-18 | CVE-2019-9679 | Incorrect Default Permissions vulnerability in Dahuasecurity products Some of Dahua's Debug functions do not have permission separation. | 8.8 |
| 2019-09-18 | CVE-2019-9678 | Unspecified vulnerability in Dahuasecurity products Some Dahua products have the problem of denial of service during the login process. | 7.5 |
| 2019-06-12 | CVE-2019-9676 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dahuasecurity products Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. | 7.8 |
| 2018-05-23 | CVE-2017-9317 | Unspecified vulnerability in Dahuasecurity products Privilege escalation vulnerability found in some Dahua IP devices. | 8.8 |
| 2017-11-13 | CVE-2017-9314 | Improper Authentication vulnerability in Dahuasecurity products Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. | 8.8 |
| 2017-05-06 | CVE-2017-7927 | Use of Hard-coded Credentials vulnerability in Dahuasecurity products A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. | 7.3 |
| 2017-03-30 | CVE-2017-7253 | Insecure Storage of Sensitive Information vulnerability in Dahuasecurity IP Camera Firmware 3.200.0001.6 Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. | 8.8 |