Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.
References
Link | Resource |
---|---|
https://www.dahuasecurity.com/support/cybersecurity/details/727 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
History
19 Apr 2021, 14:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:dahua:sd5a:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:n52b2p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:n42b2p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:n52a4p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n52b2p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:ipc-hx5842h:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:sd1a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:n54a4p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:ptz1a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n52a4p:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:n42b3p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:sd50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:ipc-hx5842h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:sd6al_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n42b3p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:ipc-hx7842h:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:sd5a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:sd6al:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:sd50:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:n52b3p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n52b5p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:ptz1a:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:n52b5p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:sd52c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahua:n42b1p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n52b3p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:sd1a:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:ipc-hx2xxx:-:*:*:*:*:*:*:* cpe:2.3:o:dahua:ipc-hx7842h_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahua:n42b1p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:sd52c:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:n42b2p:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:ipc-hxxx5x4x:-:*:*:*:*:*:*:* cpe:2.3:h:dahua:n54b2p:-:*:*:*:*:*:*:* |
cpe:2.3:h:dahuasecurity:n42b3p:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n52b5p:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n52b5p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n42b2p:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n52a4p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:ipc-hx7842h:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n54a4p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:ipc-hx5842h:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n42b2p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n42b3p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n52b2p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n52b3p:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n54b2p:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:ipc-hxxx5x4x:-:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n52b2p:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:ipc-hx5842h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n54b2p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n52b3p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:n42b1p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n42b1p:-:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:ipc-hx7842h_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dahuasecurity:n52a4p:-:*:*:*:*:*:*:* |
Information
Published : 2020-04-09 14:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-9499
Mitre link : CVE-2020-9499
CVE.ORG link : CVE-2020-9499
JSON object : View
Products Affected
dahuasecurity
- ipc-hxxx5x4x_firmware
- n52b3p
- n42b3p_firmware
- n52a4p
- n54a4p_firmware
- ipc-hx5842h
- ipc-hx2xxx
- n42b2p_firmware
- ipc-hx2xxx_firmware
- ipc-hx7842h_firmware
- sd52c
- sd1a_firmware
- n42b3p
- ipc-hx5842h_firmware
- n52a4p_firmware
- n52b5p_firmware
- sd50_firmware
- sd5a
- ptz1a_firmware
- ipc-hx7842h
- n42b2p
- sd50
- ipc-hxxx5x4x
- n54b2p_firmware
- sd1a
- sd52c_firmware
- n52b5p
- sd5a_firmware
- n52b3p_firmware
- n52b2p_firmware
- n42b1p
- n54b2p
- sd6al
- n52b2p
- ptz1a
- n42b1p_firmware
- sd6al_firmware
dahua
- n54a4p
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')