Vulnerabilities > Dahuasecurity > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-9501 | Unspecified vulnerability in Dahuasecurity web P2P Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. | 5.5 |
| 2020-04-09 | CVE-2020-9500 | Unspecified vulnerability in Dahuasecurity products Some products of Dahua have Denial of Service vulnerabilities. | 4.9 |
| 2019-09-18 | CVE-2019-9680 | Unspecified vulnerability in Dahuasecurity products Some Dahua products have information leakage issues. | 5.3 |
| 2019-09-17 | CVE-2019-9681 | Missing Encryption of Sensitive Data vulnerability in Dahuasecurity products Online upgrade information in some firmware packages of Dahua products is not encrypted. | 5.3 |
| 2017-11-27 | CVE-2017-9316 | Improper Authentication vulnerability in Dahuasecurity products Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. | 6.5 |
| 2017-02-27 | CVE-2017-6341 | Cleartext Transmission of Sensitive Information vulnerability in Dahuasecurity Camera Firmware, NVR Firmware and Smartpss Firmware Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interfaces, which allows remote attackers to obtain sensitive information by sniffing the network, a different vulnerability than CVE-2013-6117. | 5.9 |