CVE-2022-45423

Name of the Vulnerable Software and Affected Versions Dahua software products (affected versions not specified)

Description The issue concerns a vulnerability that allows an attacker to obtain encrypted MQTT credentials through an unauthenticated request by sending a crafted packet to the vulnerable interface. The obtained credentials cannot be directly exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.