Cybersecurity researchers have identified and patched critical security flaws in Dahua smart camerasβ firmware, which could allow attackers to hijack devices remotely. These vulnerabilities, affecting multiple series of Dahua cameras, pose significant risks for various environments, including retail and residential settings. #Dahua #BufferOverflow
Keypoints
- The vulnerabilities affect Dahua camera models from several series and are tracked as CVE-2025-31700 and CVE-2025-31701.
- The flaws allow unauthenticated attackers to perform remote code execution and cause device denial-of-service.
- The security issues are caused by buffer overflow bugs in ONVIF request handling and file upload processing.
- Devices exposed to the internet through port forwarding or UPnP are particularly vulnerable to these exploits.
- While some protections like ASLR can mitigate RCE risks, DoS attacks may still succeed, and exploitation provides root access to compromised devices.
Read More: https://thehackernews.com/2025/07/critical-dahua-camera-flaws-enable.html