Vulnerabilities (CVE)

Filtered by vendor Dahuasecurity Subscribe
Filtered by product Ipc-hfw1xxx
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9676 1 Dahuasecurity 6 Ipc-hdw1xxx, Ipc-hdw1xxx Firmware, Ipc-hfw1xxx and 3 more 2024-02-04 7.2 HIGH 7.8 HIGH
Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.
CVE-2017-9315 1 Dahuasecurity 50 Dh-sd2xxxxx, Dh-sd2xxxxx Firmware, Dh-sd4xxxxx and 47 more 2024-02-04 5.0 MEDIUM 9.8 CRITICAL
Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.