Dahua Technology 漏洞與 CVE 列表(58)

產品(CPE): — CVE 數: 58

Dahua Technology 漏洞概覽

彙總 Dahua Technology 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 開放重定向與路徑處理缺陷 等問題,部分漏洞可能導致 應用程式崩潰,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 12058 CVE 數
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2024-39950 A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization. [email protected] 8.6 0.49% 2024-07-31 2026-06-17
CVE-2024-39949 A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. [email protected] 7.5 0.56% 2024-07-31 2026-06-17
CVE-2024-39948 A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. [email protected] 7.5 0.56% 2024-07-31 2026-06-17
CVE-2024-39947 A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash. [email protected] 6.5 0.46% 2024-07-31 2026-06-17
CVE-2024-39946 A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization. [email protected] 6.0 0.44% 2024-07-31 2026-06-17
CVE-2024-39945 A vulnerability has been found in Dahua products.  After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash. [email protected] 4.9 0.46% 2024-07-31 2026-06-17
CVE-2024-39944 A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash. [email protected] 7.5 0.56% 2024-07-31 2026-06-17
CVE-2023-3836 A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not res [email protected] 6.3 73.52% 2023-07-22 2026-06-17
CVE-2023-3121 A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code of the file /ipms/imageConvert/image. The manipulation of the argument fileUrl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230800. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. [email protected] 3.5 0.46% 2023-06-06 2026-06-17
CVE-2022-30564 Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time. [email protected] 5.3 0.44% 2023-02-09 2026-06-17
CVE-2022-45434 Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP request attack to the designated target host. [email protected] 5.9 0.66% 2022-12-27 2026-06-17
CVE-2022-45433 Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could get the traceroute results. [email protected] 3.7 0.62% 2022-12-27 2026-06-17
CVE-2022-45432 Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server. [email protected] 5.3 0.70% 2022-12-27 2026-06-17
CVE-2022-45431 Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server. [email protected] 7.5 0.64% 2022-12-27 2026-06-17
CVE-2022-45430 Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service. [email protected] 3.7 0.41% 2022-12-27 2026-06-17
CVE-2022-45429 Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules. [email protected] 7.5 0.53% 2022-12-27 2026-06-17
CVE-2022-45428 Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can obtain the debugging information. [email protected] 2.7 0.68% 2022-12-27 2026-06-17
CVE-2022-45427 Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files. [email protected] 7.2 0.70% 2022-12-27 2026-06-17
CVE-2022-45426 Some Dahua software products have a vulnerability of unrestricted download of file. After obtaining the permissions of ordinary users, by sending a specific crafted packet to the vulnerable interface, an attacker can download arbitrary files. [email protected] 6.5 0.58% 2022-12-27 2026-06-17
CVE-2022-45425 Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability. [email protected] 7.5 0.53% 2022-12-27 2026-06-17
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
cvelogic Threat Intelligence