Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login.
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HDahuasecurity Ip Camera
HWDahuasecuritywszystkie wersjeDahuasecurity Ip Camera Firmware
OSDahuasecurity3.200.0001.6
Related vulnerabilities
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the S...
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attack...
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attack...
Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit thi...
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During n...