Unrated severityNVD Advisory· Published Jul 22, 2023· Updated Aug 2, 2024
Dahua Smart Park Management unrestricted upload
CVE-2023-3836
Description
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePoint_addImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 20230713
- Dahua/Smart Park Managementv5Range: 20230713
Patches
Vulnerability mechanics
References
3- github.com/qiuhuihk/cve/blob/main/upload.mdmitreexploit
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.