Browse all 16 CVE security advisories affecting dahua. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Dahua specializes in video surveillance and security solutions, serving critical infrastructure and commercial sectors. Historically, their products have been plagued by multiple remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 16 CVEs documented. Security researchers have frequently identified hardcoded credentials, insecure default configurations, and insufficient input validation in their devices. Notable incidents include being implicated in state-sponsored espionage concerns and being banned from certain government supply chains due to security risks. Their products often lack timely security updates, leaving deployed systems vulnerable to exploitation. The company's security posture has drawn criticism from cybersecurity professionals for prioritizing functionality over robust security measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-3223 | Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow — IP CameraCWE-121 | 9.8 | - | 2018-07-24 |
This page lists every published CVE security advisory associated with dahua. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.