Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices.
“The flaws, affecting the device’s ONVIF protocol and file upload handlers, allow unauthenticated attackers to execute arbitrary commands remotely, effectively taking over the device,” Bitdefender said in a report shared with The Hacker News.
The vulnerabilities, tracked as CVE-2025-31700 and CVE-2025-31701 (CVSS scores: 8.1), affect the following devices running versions with build timestamps before April 16, 2025:
- IPC-1XXX Series
- IPC-2XXX Series
- IPC-WX Series
- IPC-ECXX Series
- SD3A Series
- SD2A Series
- SD3D Series
- SDT2A Series
- SD2C Series
It's worth noting that users can view the build time by logging in to the web interface of the device and then navigating to Settings -> System Information -> Version.
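The check above can be run across a fleet once the build times are collected. The following triage script is an added example, not code from Bitdefender or Dahua; the CSV columns, the `YYYY-MM-DD` date format, and the idea that the operator records each camera's series by hand are assumptions, and the inventory rows are constructed.

```python
import csv
import io
from datetime import date, datetime

# Series names and cutoff date as listed in the article.
AFFECTED_SERIES = {"IPC-1XXX", "IPC-2XXX", "IPC-WX", "IPC-ECXX",
                   "SD3A", "SD2A", "SD3D", "SDT2A", "SD2C"}
FIXED_BUILD = date(2025, 4, 16)  # builds before this date are affected

# Constructed inventory; column names and the date format are assumptions.
SAMPLE_INVENTORY = """host,series,build_date
cam-lobby,IPC-2XXX,2024-11-05
cam-dock,SD3A,2025-04-16
cam-vault,IPC-ECXX,
cam-gate,sdt2a,2025-01-20
cam-office,OTHER-SERIES,2023-06-01
"""

def triage(row):
    """Return 'affected', 'verify', 'ok' or 'not_listed' for one row."""
    if (row.get("series") or "").strip().upper() not in AFFECTED_SERIES:
        return "not_listed"
    raw = (row.get("build_date") or "").strip()
    try:
        built = datetime.strptime(raw, "%Y-%m-%d").date()
    except ValueError:
        # Missing or unparseable build time: read it from the web interface.
        return "verify"
    # A build dated exactly on the cutoff is outside the affected range.
    return "affected" if built < FIXED_BUILD else "ok"

def triage_inventory(text):
    """Map each host in a CSV inventory to its triage result."""
    return {r["host"]: triage(r) for r in csv.DictReader(io.StringIO(text))}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Rows that come back as `verify` have no usable build time and need the manual check through the device's web interface.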
Both shortcomings are classified as buffer overflow vulnerabilities that could be exploited by sending specially crafted malicious packets, resulting in denial-of-service or remote code execution (RCE).
Specifically, CVE-2025-31700 has been described as a stack-based buffer overflow in the Open Network Video Interface Forum (ONVIF) request handler, whereas CVE-2025-31701 concerns an overflow bug in the RPC file upload handler.
“Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation,” Dahua said in an alert released last week. “However, denial-of-service (DoS) attacks remain a concern.”
Given that these models are used for video surveillance in retail, casinos, warehouses, and residential settings, the flaws can have significant consequences as they’re unauthenticated and exploitable over the local network.
“Devices exposed to the internet through port forwarding or UPnP are especially at risk,” the Romanian cybersecurity company said. “Successful exploitation provides root-level access to the camera with no user interaction. Because the exploit path bypasses firmware integrity checks, attackers can load unsigned payloads or persist via custom daemons, making cleanup difficult.”