Vulnerabilities > Dahuasecurity > Sd6Al Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-01-13 CVE-2021-33046 Improper Authentication vulnerability in Dahuasecurity products
Some Dahua products have access control vulnerability in the password reset process.
network
low complexity
dahuasecurity CWE-287
7.5
2021-09-15 CVE-2021-33044 Improper Authentication vulnerability in Dahuasecurity products
The identity authentication bypass vulnerability found in some Dahua products during the login process.
network
low complexity
dahuasecurity CWE-287
critical
10.0
2020-05-13 CVE-2020-9502 Use of Insufficiently Random Values vulnerability in Dahuasecurity products
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities.
network
low complexity
dahuasecurity CWE-330
7.5
2020-05-13 CVE-2019-9682 Incorrect Default Permissions vulnerability in Dahuasecurity products
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control.
6.8
2020-04-09 CVE-2020-9500 Improper Input Validation vulnerability in Dahuasecurity products
Some products of Dahua have Denial of Service vulnerabilities.
network
low complexity
dahuasecurity CWE-20
4.0
2020-04-09 CVE-2020-9499 Classic Buffer Overflow vulnerability in Dahuasecurity products
Some Dahua products have buffer overflow vulnerabilities.
network
low complexity
dahuasecurity CWE-120
6.5