VYPR

Vendor CVEs

Dahua

All CVEs

62 total · sorted by risk
  • CVE-2013-3613Sep 17, 2013
    risk 0.04cvss epss 0.07

    Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.

  • CVE-2013-3612Sep 17, 2013
    risk 0.04cvss epss 0.10

    Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown…

  • CVE-2025-36746Dec 12, 2025
    risk 0.00cvss epss 0.00

    SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an authenticated user to inject payloads into report names, which may execute in a victim’s browser during a deletion attempt.

  • CVE-2024-39950Jul 31, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.

  • CVE-2024-39949Jul 31, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

  • CVE-2024-39948Jul 31, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

  • CVE-2024-39947Jul 31, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.

  • CVE-2024-39946Jul 31, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization.

  • CVE-2024-39945Jul 31, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Dahua products.  After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.

  • CVE-2024-39944Jul 31, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

  • CVE-2013-5754Sep 17, 2013
    risk 0.00cvss epss 0.02

    The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving…

  • CVE-2012-3002Dec 21, 2012
    risk 0.00cvss epss 0.04

    The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL.

Page 2 of 2