PT-2026-26031 · Dahua · Nvr2-4Ks3+2
Published
2026-03-18
·
Updated
2026-03-18
·
CVE-2025-31703
CVSS v4.0
2.4
| Vector | AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
A vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker with physical access to the device may gain access to a restricted shell via the serial port, and bypasses the shell's authentication mechanism to escalate privileges.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nvr2-4Ks3
Xvr1B16H-I/T
Xvr4232An-I/T