VYPR

software products

by Dahua

CVEs (2)

  • CVE-2022-45427HigDec 27, 2022
    risk 0.47cvss 7.2epss 0.01

    Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files.

  • CVE-2022-45432MedDec 27, 2022
    risk 0.35cvss 5.3epss 0.01

    Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs…