PT-2020-11365 · Dahua · Dahua

Published

2020-05-13

Updated

2020-05-18

CVE-2019-9682

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dahua devices with Build time before December 2019

Description The issue concerns Dahua devices that use a weak security login mode for compatibility with earlier devices. If a user employs this weak security login method, an attacker can intercept network packets to attack the device by monitoring its network.

Recommendations For Dahua devices with Build time before December 2019, disable the weak security login method to prevent potential attacks.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2019-9682

Affected Products

Dahua

PT-2020-11365 · Dahua · Dahua

CVE-2019-9682

Weakness Enumeration

Related Identifiers

Affected Products

References · 4