Two critical security vulnerabilities have been identified in Dahua security cameras, allowing remote attackers to take full control of affected devices. Users are urged to update their firmware immediately to prevent potential exploits. #CVE-2025-31700 #CVE-2025-31701 #DahuaHeroC1
Keypoints
- The vulnerabilities include a stack-based buffer overflow in the ONVIF protocol and a .bss segment overflow in the file upload handler.
- Both flaws enable remote attackers to execute arbitrary code and gain root access to the devices.
- The affected devices include Dahua Hero C1, IPC-1XXX, IPC-2XXX, IPC-WX, and SD-series cameras.
- Dahua released patches on July 7, 2025, following coordinated disclosure with security researchers.
- Users should update firmware or implement security measures such as disabling port forwarding and isolating the cameras on separate networks.
Read More: https://hackread.com/bitdefender-update-dahua-cameras-critical-flaws/