CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

dahuasecurity

n52b2p_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2020-9502

CRITICAL9.8

Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.

dahuasecurity / sd6al_firmware+19

Network

Published May 13, 2020

CVE-2019-9682

HIGH8.1

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.

dahuasecurity / sd6al_firmware+19

Network

Published May 13, 2020

CVE-2020-9499

HIGH7.2

Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.

dahuasecurity / sd6al_firmware+18

Network

Published Apr 9, 2020

CVE-2020-9500

MEDIUM4.9

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down.

dahuasecurity / sd6al_firmware+18

Network

Published Apr 9, 2020