Ilya Smit

**Name of the Vulnerable Software and Affected Versions** Dahua IP camera products versions prior to V2.400.0000.14.R.20170713 Dahua IP camera products versions prior to DH IPC-Consumer-Zi-Themis Eng P V2.408.0000.11.R.20170621 **Description** The issue is related to a stack buffer overflow in the Sonia web interface of Dahua IP camera products. The `sonia` application, located at `/usr/bin/sonia`, provides the web interface and other services for controlling the IP camera remotely. It does not validate input data length for the `password` field, allowing a remote, unauthenticated attacker to submit a crafted POST request to the IP camera's Sonia web interface. This may lead to out-of-bounds memory operations, loss of availability, or remote code execution. **Recommendations** For versions prior to V2.400.0000.14.R.20170713, update the firmware to a version that includes the patched Sonia web interface. For versions prior to DH IPC-Consumer-Zi-Themis Eng P V2.408.0000.11.R.20170621, update the firmware to a version that includes the patched Sonia web interface. As a temporary workaround, consider restricting access to the `sonia` application until a patch is available. Avoid using the `password` field in the affected API endpoint until the issue is resolved.