CVE-2017-9315

Name of the Vulnerable Software and Affected Versions Dahua IP camera (affected versions not specified) Dahua IP PTZ (affected versions not specified)

Description The issue concerns a potentially compromised algorithm used in a password reset mechanism for Dahua IP cameras and IP PTZ devices. This could allow an attacker to utilize the compromised algorithm.

Recommendations For Dahua IP camera, consider restricting access to the password reset mechanism until a secure alternative is provided. For Dahua IP PTZ, avoid using the temporary password feature from Dahua authorized dealers until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.