CVE-2019-9676

Name of the Vulnerable Software and Affected Versions Dahua IP Camera devices (IPC-HFW1XXX, IPC-HDW1XXX, IPC-HFW2XXX) versions prior to 2018/11

Description A buffer overflow issue exists in the function for redirection display of serial port printing information. This function is not used by basic product functions. After local login, an attacker can exploit this issue to cause device restart or execute arbitrary code. The vulnerability was identified during static code auditing, and the function has been removed from newer devices and software.

Recommendations For versions prior to 2018/11, update to a newer version that includes the fix for this issue. As a temporary workaround, consider restricting local access to the device to minimize the risk of exploitation.