PT-2019-19794 · Dahua · Ipc-Hfw4X2X+7

Published

2019-09-18

Updated

2021-07-21

CVE-2019-9680

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dahua products versions prior to August 18, 2019

Description The issue allows attackers to obtain the IP address and device model information of the device by constructing malicious data packets. This affects various Dahua products, including IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X, and IPC-HFW5X2X.

Recommendations For versions prior to August 18, 2019, update the firmware to a version released after August 18, 2019, to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-9680

Affected Products

Ipc-Hdbw4X2X

Ipc-Hdw1X2X

Ipc-Hdw2X2X

Ipc-Hdw5X2X

Ipc-Hfw1X2X

Ipc-Hfw2X2X

Ipc-Hfw4X2X

Ipc-Hfw5X2X

PT-2019-19794 · Dahua · Ipc-Hfw4X2X+7

CVE-2019-9680

Related Identifiers

Affected Products

References · 3