Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices.
“The flaws, affecting the device’s ONVIF protocol and file upload handlers, allow unauthenticated attackers to execute arbitrary commands remotely, effectively taking over the device,” Bitdefender said in a report shared with The Hacker News.
The vulnerabilities, tracked as CVE-2025-31700 and CVE-2025-31701 (CVSS scores: 8.1), affect the following devices running versions with build timestamps before April 16, 2025:
- IPC-1XXX Series
- IPC-2XXX Series
- IPC-WX Series
- IPC-ECXX Series
- SD3A Series
- SD2A Series
- SD3D Series
- SDT2A Series
- SD2C Series
It's worth noting that users can view the build time by logging in to the web interface of the device and then navigating to Settings -> System Info -> Model.
Both shortcomings are classified as buffer overflow vulnerabilities that could be exploited by sending specially crafted malicious packets, resulting in denial-of-service or remote code execution (RCE).
Specifically, CVE-2025-31700 has been described as a stack-based buffer overflow in the Open Network Video Interface Forum (ONVIF) request handler, whereas CVE-2025-31701 concerns an overflow bug in the RPC file upload handler.
“Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation,” Dahua said in an alert released last week. “However, denial-of-service (DoS) attacks remain a concern.”
Given that these models are used for video surveillance in retail, casinos, warehouses, and residential settings, the flaws can have significant consequences as they are unauthenticated and exploitable over the local network.
“Devices exposed to the internet through port forwarding or UPnP are especially at risk,” the Romanian cybersecurity company said. “Successful exploitation provides root-level access to the camera with no user interaction. Because the exploit path bypasses firmware integrity checks, attackers can load unsigned payloads or persist via custom daemons, making cleanup difficult.”

