Medium severity6.8NVD Advisory· Published Oct 15, 2025· Updated Apr 15, 2026
CVE-2025-31702
CVE-2025-31702
Description
A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP request. This may cause tampering with admin password, leading to privilege escalation. Systems with only admin account are not affected.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.