Skip to main content

Ipc Hdw2X2X Firmware

5 CVEs product

Monthly

CVE-2019-9680 MEDIUM PATCH This Month

Some Dahua products have information leakage issues. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dahua Information Disclosure Ipc Hdw1X2X Firmware Ipc Hfw1X2X Firmware Ipc Hdw2X2X Firmware +6
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2019-9679 HIGH PATCH This Week

Some of Dahua's Debug functions do not have permission separation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Dahua Ipc Hdw1X2X Firmware Ipc Hfw1X2X Firmware Ipc Hdw2X2X Firmware +6
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-9678 HIGH PATCH This Week

Some Dahua products have the problem of denial of service during the login process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dahua Ipc Hdw1X2X Firmware Ipc Hfw1X2X Firmware Ipc Hdw2X2X Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2019-9677 CRITICAL PATCH Act Now

The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dahua Ipc Hdw1X2X Firmware Ipc Hfw1X2X Firmware Ipc Hdw2X2X Firmware +6
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-9681 MEDIUM PATCH This Month

Online upgrade information in some firmware packages of Dahua products is not encrypted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dahua Information Disclosure Ipc Hdw1X2X Firmware Ipc Hfw1X2X Firmware Ipc Hdw2X2X Firmware +6
NVD
CVSS 3.1
5.3
EPSS
0.8%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Some Dahua products have information leakage issues. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dahua Information Disclosure Ipc Hdw1X2X Firmware +8
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Some of Dahua's Debug functions do not have permission separation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Dahua Ipc Hdw1X2X Firmware +8
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Some Dahua products have the problem of denial of service during the login process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dahua Ipc Hdw1X2X Firmware +8
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Dahua Ipc Hdw1X2X Firmware +8
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Online upgrade information in some firmware packages of Dahua products is not encrypted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dahua Information Disclosure Ipc Hdw1X2X Firmware +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy