Dahua products
by Dahua
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-29116 | Hig | 0.57 | — | — | Jun 10, 2026 | A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service. | ||
| CVE-2026-29115 | Med | 0.45 | — | — | Jun 10, 2026 | A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service. | ||
| CVE-2021-33045 | 0.20 | — | 0.94 | KEV | Sep 15, 2021 | The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. | ||
| CVE-2021-33044 | 0.20 | — | 0.94 | KEV | Sep 15, 2021 | The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. | ||
| CVE-2026-29114 | Low | 0.15 | — | — | Jun 10, 2026 | A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust… | ||
| CVE-2022-30564 | 0.00 | — | 0.00 | Feb 9, 2023 | Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time. | |||
| CVE-2021-33046 | 0.00 | — | 0.01 | Jan 13, 2022 | Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords. |
- risk 0.57cvss —epss —
A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.
- risk 0.45cvss —epss —
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service.
- risk 0.20cvss —epss 0.94
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
- risk 0.20cvss —epss 0.94
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
- risk 0.15cvss —epss —
A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust…
- CVE-2022-30564Feb 9, 2023risk 0.00cvss —epss 0.00
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
- CVE-2021-33046Jan 13, 2022risk 0.00cvss —epss 0.01
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.