CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2017-3223 – Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow
https://notcve.org/view.php?id=CVE-2017-3223
24 Jul 2018 — Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'pas... • http://www.securityfocus.com/bid/99620 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2017-9317
https://notcve.org/view.php?id=CVE-2017-9317
23 May 2018 — Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device. Se ha encontrado una vulnerabilidad de escalado de privilegios en algunos dispositivos Dahua IP. Un atacante en posesión de una cuenta con bajos privilegios puede obtener acceso a información de credenciales de una cuenta con altos privilegios y obtener información sob... • https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337 •
CVSS: 9.8EPSS: 0%CPEs: 50EXPL: 0CVE-2017-9315 – Dahua Technology IP Camera Predictable Password Algorithm Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-9315
28 Nov 2017 — Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker. >Los clientes de las cámaras Dahua IP o IP PTZ podrían enviar información relevante del dispositivo para recibir una contraseña temporal limitada temporalmente por un distribuidor autorizado de Dahua para resta... • http://www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.html •
CVSS: 6.5EPSS: 0%CPEs: 42EXPL: 0CVE-2017-9316
https://notcve.org/view.php?id=CVE-2017-9316
27 Nov 2017 — Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device to receive only specific data (one direction, no transmit) and therefore it was not involved in any instance of collecting user privacy data or allowing remote code execution. Se ha encontrado una vulnerabilidad de... • http://www.dahuasecurity.com/annoucementsingle/security-advisory--high-risk-vulnerability-found-in-dahua-ipc-hdw4300s-and-some-ip-products_14731_231.html • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 44EXPL: 0CVE-2017-9314
https://notcve.org/view.php?id=CVE-2017-9314
13 Nov 2017 — Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message. Se ha encontrado una vulnerabilidad de autenticación en Dahua NVR, modelos NVR50XX, NVR52XX, NVR54XX y NVR58XX con software anterior a DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Un atacante podría explotar esta vulnerabilidad para obtener acc... • http://www.dahuasecurity.com/annoucementsingle/security-advisory--authentication-vulnerability-found-in-some-dahua-nvr_14731_211.html • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2017-7927
https://notcve.org/view.php?id=CVE-2017-7927
06 May 2017 — A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without o... • http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php • CWE-798: Use of Hard-coded Credentials CWE-836: Use of Password Hash Instead of Password for Authentication •
CVSS: 9.8EPSS: 20%CPEs: 30EXPL: 0CVE-2017-7925
https://notcve.org/view.php?id=CVE-2017-7925
06 May 2017 — A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information. Se... • http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php • CWE-260: Password in Configuration File CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2017-7253
https://notcve.org/view.php?id=CVE-2017-7253
30 Mar 2017 — Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. • http://www.securityfocus.com/bid/97263 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6432
https://notcve.org/view.php?id=CVE-2017-6432
09 Mar 2017 — An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information. Se ha descubierto un problema en dispositivos Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06. El Dahua DVR Protocol, que opera en el ... • https://nullku7.github.io/stuff/exploit/dahua/2017/03/09/dahua-nvr-authbypass.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6342
https://notcve.org/view.php?id=CVE-2017-6342
27 Feb 2017 — An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117. Dispositivos Dahua DHI-HCVR7216A-... • http://www.securityfocus.com/bid/96454 • CWE-269: Improper Privilege Management •