Skip to main content

Dahua

Vendor security scorecard – 6 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 49
6
CVEs
2
Critical
1
High
0
KEV
0
PoC
3
Unpatched C/H
0.0%
Patch Rate
0.3%
Avg EPSS

Severity Breakdown

CRITICAL
2
HIGH
1
MEDIUM
1
LOW
2

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2023-7309 A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform (also referred to as the Dahua Smart Campus Integrated Management Platform), affecting the SOAP-based GIS. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. CRITICAL 10.0 1.2% 51
No patch
CVE-2026-29116 Remote denial-of-service in multiple Dahua video surveillance product lines (IPC, SD, NVR, XVR, EVS, VTO, VTH, ASI, TPC) allows unauthenticated network attackers to send a specially crafted packet that triggers an unhandled exception (CWE-617), forcing the device into an unexpected reboot. The CVSS 4.0 score of 8.7 reflects high availability impact with no required privileges or user interaction, and no public exploit identified at time of analysis. HIGH 8.7 0.1% 44
No patch
CVE-2026-29115 Denial of service in Dahua IPC and SD (Speed Dome) camera devices allows an authenticated remote attacker to trigger an unexpected system reboot by sending a specially crafted network packet. The vulnerability is vendor-reported under advisory DHCC-SA-202606-001 and affects specific IPC and SD models with firmware built before March 26, 2026. No public exploit code has been identified at time of analysis, and the attack requires high-privilege authentication (PR:H), materially limiting the realistic attacker population. MEDIUM 6.9 0.1% 35
No patch
CVE-2025-31703 This vulnerability in Dahua NVR/XVR devices allows unauthenticated privilege escalation through the serial port console by bypassing shell authentication mechanisms. Affected devices include Dahua NVR2-4KS3, XVR4232AN-I/T, and XVR1B16H-I/T models with build dates prior to March 3, 2026. An attacker with physical access to the device can gain a restricted shell and escalate privileges to access sensitive system functions, though the CVSS 2.4 score reflects the requirement for physical proximity and lack of data availability impact. LOW 2.4 0.0% 12
No patch
CVE-2026-29114 CA root certificate exposure in Dahua IPC devices allows unauthenticated network-based attackers, under specific prerequisite conditions, to retrieve the device's internal CA root certificate. If the obtained certificate is installed and trusted on client systems, the attacker could leverage it to issue fraudulent certificates recognized as valid by those clients, collapsing the integrity of affected certificate trust chains. No active exploitation has been confirmed (not in CISA KEV), no public exploit code has been identified, and the CVSS 4.0 score of 2.3 reflects the multi-step, user-dependent nature of the full attack chain. LOW 2.3 0.0% 12
No patch
CVE-2024-13985 A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capture_handle.action interface. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. CRITICAL 10.0 0.3% –
No patch

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy