PT-2022-3935 · Dahua · Dahua Asi7Xxx+2

Published

2022-06-28

·

Updated

2026-02-06

·

CVE-2022-30563

CVSS v2.0

7.6

High

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Dahua ASI7XXX versions prior to v1.000.0000009.0.R.220620
Dahua IPC-HDBW2XXX versions prior to v2.820.0000000.48.R.220614
Dahua IPC-HX2XXX versions prior to v2.820.0000000.48.R.220614
Description The issue lies in how the device validates the WS-Security UsernameToken (WS-UsernameToken) used to authenticate ONVIF requests. An attacker positioned on the network path (man-in-the-middle) can sniff an unencrypted ONVIF interaction, capture the user's login token from the request and replay it unchanged in a new request to the camera; the device accepts the replayed token as a valid authenticated request, so the attacker logs in without ever learning the password. Because the token authorizes the whole ONVIF session, this gives the attacker full access to the IP camera.
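To make the replay mechanics concrete, the following is an added example and not code from Dahua, ONVIF or this advisory. It models a WS-Security UsernameToken PasswordDigest check the way a device might implement it: a digest-only verifier that recomputes Base64(SHA-1(nonce + created + password)) and stops there, which is the pattern that accepts a captured token again, beside a verifier that additionally enforces a freshness window on Created and a one-time use per nonce. The credential store, the device clock, the header contents and the 5-minute window are constructed for the demo; nothing here is taken from the affected firmware.

```python
"""WS-Security UsernameToken (PasswordDigest) verification as ONVIF uses it:
a digest-only check that accepts replays beside a replay-resistant one.
Added example, not Dahua or ONVIF code; credentials, clock and header are constructed."""
import base64
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """PasswordDigest = Base64(SHA-1(nonce + created + password)). Nothing in it
    binds the token to one request, so the same triple can simply be re-sent."""
    raw = hashlib.sha1(nonce + created.encode() + password.encode()).digest()
    return base64.b64encode(raw).decode()


def build_header(username: str, password: str, created: str, nonce=None) -> str:
    """The wsse:Security header a client sends (constructed sample); on plain HTTP
    this is exactly what a man-in-the-middle captures."""
    nonce = os.urandom(16) if nonce is None else nonce
    return (
        f'<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"><wsse:UsernameToken>'
        f"<wsse:Username>{username}</wsse:Username>"
        f"<wsse:Password>{password_digest(nonce, created, password)}</wsse:Password>"
        f"<wsse:Nonce>{base64.b64encode(nonce).decode()}</wsse:Nonce>"
        f"<wsu:Created>{created}</wsu:Created></wsse:UsernameToken></wsse:Security>"
    )


def parse_header(xml_text: str) -> dict:
    """Pull the UsernameToken fields out of a Security header."""
    tok = ET.fromstring(xml_text).find(f"{{{WSSE}}}UsernameToken")
    return {name: tok.findtext(f"{{{ns}}}{name}") for ns, name in
            [(WSSE, "Username"), (WSSE, "Password"), (WSSE, "Nonce"), (WSU, "Created")]}


class DigestOnlyVerifier:
    """Vulnerable pattern: recompute the digest and stop. Nonce reuse and token
    age are never examined, so a sniffed header is accepted again verbatim."""

    def __init__(self, users: dict):
        self.users = users  # username -> password as held by the device (constructed)

    def digest_ok(self, tok: dict) -> bool:
        password = self.users.get(tok["Username"])
        if password is None:
            return False
        expected = password_digest(base64.b64decode(tok["Nonce"]), tok["Created"], password)
        return hmac.compare_digest(expected, tok["Password"])

    def verify(self, xml_text: str) -> bool:
        return self.digest_ok(parse_header(xml_text))


class ReplayResistantVerifier(DigestOnlyVerifier):
    """Hardened pattern: same digest check, then Created must fall inside a
    freshness window around the device clock and each nonce is honoured once
    within that window. The clock is injected so a replay can be simulated."""

    def __init__(self, users: dict, clock, window=timedelta(minutes=5)):
        super().__init__(users)
        self.clock, self.window = clock, window  # clock() returns an aware UTC datetime
        self.seen = {}  # nonce -> Created; entries expire together with the window

    def verify(self, xml_text: str) -> bool:
        tok = parse_header(xml_text)
        if not self.digest_ok(tok):
            return False
        created = datetime.strptime(tok["Created"], TIME_FMT).replace(tzinfo=timezone.utc)
        now = self.clock()
        # A nonce whose Created is already outside the window can never pass again: drop it.
        self.seen = {n: c for n, c in self.seen.items() if now - c <= self.window}
        if abs(now - created) > self.window:
            return False  # stale or future-dated token
        if tok["Nonce"] in self.seen:
            return False  # nonce already consumed: this is a replay
        self.seen[tok["Nonce"]] = created
        return True


def demo() -> dict:
    """Replay one captured header against both verifiers; returns name -> accepted."""
    users = {"admin": "constructed-demo-password"}
    t0 = datetime(2022, 6, 28, 12, 0, 0, tzinfo=timezone.utc)
    captured = build_header("admin", users["admin"], t0.strftime(TIME_FMT))
    clock = {"now": t0}
    vulnerable = DigestOnlyVerifier(users)
    hardened = ReplayResistantVerifier(users, lambda: clock["now"])
    out = {
        "vulnerable_first": vulnerable.verify(captured),
        "vulnerable_replay": vulnerable.verify(captured),  # accepted again: the bug
        "hardened_first": hardened.verify(captured),
        "hardened_replay": hardened.verify(captured),  # same nonce: rejected
    }
    clock["now"] = t0 + timedelta(minutes=10)
    out["hardened_stale"] = hardened.verify(captured)  # nonce cache expired, Created too old
    out["hardened_fresh"] = hardened.verify(
        build_header("admin", users["admin"], clock["now"].strftime(TIME_FMT)))
    return out
```

Two things are worth noting in the hardened verifier. The nonce cache only has to remember nonces for as long as the Created window lasts, because anything older fails the timestamp check anyway, which keeps memory bounded on a camera. And the timestamp check alone is not enough: within the window a captured token is still fresh, so the nonce check is what actually stops the replay described in this advisory. Neither check helps if the attacker can also tamper with the device clock, and neither replaces transport encryption, which removes the sniffing opportunity in the first place.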
Recommendations Update Dahua ASI7XXX to v1.000.0000009.0.R.220620 or later, Dahua IPC-HDBW2XXX to v2.820.0000000.48.R.220614 or later, and Dahua IPC-HX2XXX to v2.820.0000000.48.R.220614 or later. Until the update is applied, restrict which hosts can reach the camera's ONVIF service (for example, permit it only from the VMS or NVR that needs it and block it from untrusted network segments) so that an attacker cannot get into a position to sniff or replay the token, and where the device supports it, carry ONVIF over HTTPS rather than plain HTTP so the token is not visible on the wire.

Related Identifiers

BDU:2022-04764
CVE-2022-30563

Affected Products

Dahua Asi7Xxx
Dahua Ipc-Hdbw2Xxx
Dahua Ipc-Hx2Xxx