Critical severity9.8NVD Advisory· Published Nov 28, 2017· Updated May 13, 2026

CVE-2017-9315

Description

Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.

Affected products

Dahua Technologies/Dahua Ip Camera And Ip Ptz Ipc Hfw1xxx, Ipc Hdw1xxx, Ipc Hdbw1xxx, Ipc Hfw2xxx, Ipc Hdw2xxx, Ipc Hdbw2xxx, Ipc Hfw4xxx, Ipc Hdw4xxx, Ipc Hdbw4xxx, Ipc Hf5xxx, Ipc Hfw5xxx, Ipc Hdw5xxx, Ipc Hdbw5xxx, Ipc Hf8xxx, Ipc Hfw8xxx, Ipc Hdbw8xxx, Ipc Ebw8xxx, Ipc Pfw8xxx, Ipc Pdbw8xxx, Ipc Hum8xxx, Psd8xxxx, Dh Sd2xxxxx, Dh Sd4xxxxx, Dh Sd5xxxxx, Dh Sd6xxxxxv5
Range: Versions Build between 2015/07 and 2017/03
Dahuasecurity/Ipc Hfw1xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdw1xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdbw1xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdbw1xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hfw2xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdw2xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdbw2xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdbw2xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hfw4xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdw4xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdbw4xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hf5xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hf5xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hfw5xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hfw5xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdw5xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdw5xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdbw5xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hf8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hfw8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hfw8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hdbw8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hdbw8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Ebw8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-ebw8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Pfw8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-pfw8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Dh Sd2xxxxx Firmware
cpe:2.3:o:dahuasecurity:dh-sd2xxxxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Pdbw8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-pdbw8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Ipc Hum8xxx Firmware
cpe:2.3:o:dahuasecurity:ipc-hum8xxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Psd8xxxx Firmware
cpe:2.3:o:dahuasecurity:psd8xxxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Dh Sd4xxxxx Firmware
cpe:2.3:o:dahuasecurity:dh-sd4xxxxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Dh Sd5xxxxx Firmware
cpe:2.3:o:dahuasecurity:dh-sd5xxxxx_firmware:-:*:*:*:*:*:*:*
Dahuasecurity/Dh Sd6xxxxx Firmware
cpe:2.3:o:dahuasecurity:dh-sd6xxxxx_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.dahuasecurity.com/annoucementsingle/security-advisory--admin-password-recovery-mechanism-in-some-dahua-ip-camera-and-ip-ptz-could-lead-to-security-risk_14731_221.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000