Critical severity9.8NVD Advisory· Published Sep 18, 2019· Updated Jun 17, 2026
CVE-2019-9677
CVE-2019-9677
Description
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
Affected products
2- Range: < August 18, 2019
- Dahua Technology/IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2Xv5Range: Versions which Build time before August 18 2019
Patches
Vulnerability mechanics
References
1- www.dahuasecurity.com/support/cybersecurity/details/637nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.