Vulnerabilidades en Dahua
19 resultadosCVE-2023-3836MEDIUMDahua Smart Park Management unrestricted uploadEPSS 73.5%CVE-2017-3223—Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflowEPSS 5.3%CVE-2025-31700HIGHA vulnerability has been found in Dahua products.
Attackers could exploit a buffer overflow vulnerability by sending specially crafted maliEPSS 0.8%CVE-2025-31701HIGHA vulnerability has been found in Dahua products.
Attackers could exploit a buffer overflow vulnerability by sending specially crafted maliEPSS 0.8%CVE-2019-9681—Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing EPSS 0.8%CVE-2024-39949HIGHA vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, cEPSS 0.6%CVE-2024-39944HIGHA vulnerability has been found in Dahua products.Attackers
can send carefully crafted data packets to the interface with vulnerabilities,
caEPSS 0.6%CVE-2024-39948HIGHA vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, cEPSS 0.6%CVE-2024-13130MEDIUMDahua IPC-HFW1200S Web Interface Sha1Account1 path traversalEPSS 0.6%CVE-2024-39950HIGHA vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities toEPSS 0.5%CVE-2023-3121LOWDahua Smart Parking Management image server-side request forgeryEPSS 0.5%CVE-2024-39947MEDIUMA vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefullEPSS 0.5%CVE-2024-39945MEDIUMA vulnerability has been found in Dahua products. After
obtaining the administrator's username and password, the attacker can send a
carefuEPSS 0.5%CVE-2024-39946MEDIUMA vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefullEPSS 0.4%CVE-2026-29116HIGHA vulnerability has been found in some Dahua products could
allow an unauthenticated remote attacker to send a specially crafted packet,
triEPSS 0.4%CVE-2026-29115MEDIUMA vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggEPSS 0.4%CVE-2025-31702MEDIUMA vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploiEPSS 0.3%CVE-2025-31703LOWA vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker with physical access to the device may gain access to a restEPSS 0.2%CVE-2026-29114LOWA vulnerability has been found in some Dahua products. An attacker
may obtain the device’s CA root certificate. If that CA is installed and
EPSS 0.2%