CVE-2025-31702

Name of the Vulnerable Software and Affected Versions Dahua embedded products (affected versions not specified)

Description A security issue exists in Dahua embedded products. An attacker gaining normal user credentials can potentially access data restricted to administrator privileges, including system-sensitive files, through specific HTTP requests. This could allow for tampering with the administrator password, potentially leading to privilege escalation. Systems configured with only an administrator account are not affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.