A race condition can cause incorrect HTTP request routing. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Some Dahua software products have a vulnerability of sensitive information leakage. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.