← back
CVE-2020-9502

CVE-2020-9502

EPSS 1.7%
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.
Affected products
n/a · IPC-HX2XXX Series,IPC-HXXX5X4X Series,IPC-HX5842H,IPC-HX7842H,NVR 5x Series,NVR 4x Series,SD6AL Series,SD5A Series,SD1A Series,PTZ1A Series,SD50/52C Series,IPC-HFW1431S

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.dahuasecurity.com/support/cybersecurity/details/777