Ethical Hacking News
Critical security flaws have been discovered in Dahua smart cameras, leaving vulnerable devices open to remote hijacking via exploits. The flaws were identified as buffer overflow vulnerabilities that could be exploited over the local network and even remotely. Users are advised to take immediate action to address these vulnerabilities by installing firmware updates or patches.
Summary: A recent discovery of security flaws in Dahua smart cameras has raised concerns about potential exploitation via remote hijacking. The affected devices, running versions with built timestamps before April 16, 2025, are vulnerable to buffer overflow exploits over the local network and even remotely. Users are advised to prioritize firmware security and take immediate action to address these vulnerabilities.
Dahua smart cameras have critical security flaws that allow for remote hijacking and exploitation. The vulnerabilities affect devices running firmware with built timestamps before April 16, 2025. Buffer overflow vulnerabilities can be exploited by sending specially crafted malicious packets to the devices. Denial-of-service (DoS) attacks remain a concern despite some devices having deployed protection mechanisms like Address Space Layout Randomization (ASLR). The impacted devices include several series of Dahua smart cameras, and users are advised to view their firmware build time to identify affected models.
Critical security flaws have been discovered in the firmware of Dahua smart cameras, leaving devices open to remote hijacking and exploitation. The vulnerabilities, identified by cybersecurity researchers at Bitdefender, affect a range of models running versions with built timestamps before April 16, 2025.
According to Bitdefender, the flaws are classified as buffer overflow vulnerabilities that could be exploited by sending specially crafted malicious packets to the devices. Specifically, CVE-2025-31700 concerns a stack-based buffer overflow in the Open Network Video Interface Forum (ONVIF) request handler, while CVE-2025-31701 concerns an overflow bug in the RPC file upload handler.
The researchers noted that these vulnerabilities could be exploited over the local network and even remotely, provided that devices were exposed to the internet through port forwarding or Universal Plug and Play (UPnP). The exploits bypassed firmware integrity checks, allowing attackers to load unsigned payloads or persist via custom daemons. This made cleanup particularly challenging.
Dahua, the manufacturer of the affected cameras, released an alert last week, stating that some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduced the likelihood of successful Remote Code Execution (RCE) exploitation. However, denial-of-service (DoS) attacks remained a concern.
The vulnerabilities were discovered in several series of Dahua smart cameras, including the IPC-1XXX Series, IPC-2XXX Series, IPC-WX Series, IPC-ECXX Series, SD3A Series, SD2A Series, SD3D Series, SDT2A Series, and SD2C Series.
The impact of these vulnerabilities is significant, given that Dahua cameras are used for video surveillance in various settings such as retail, casinos, warehouses, and residential areas. Devices exposed to the internet through port forwarding or UPnP are particularly at risk, providing unauthenticated access to the camera with no user interaction.
To mitigate this threat, users can view the build time by logging into the web interface of their device and navigating to Settings -> System Information -> Version. This information may help identify whether a specific model is affected by these vulnerabilities.
In response to these critical security flaws, Dahua has recommended that affected customers take immediate action to address the vulnerabilities. Given the severity of this threat and the potential consequences of exploitation, it is essential for users to prioritize their camera's firmware security and implement necessary measures to prevent unauthorized access or hijacking.
As with any new vulnerability discovered in popular IoT devices, it highlights the ongoing importance of monitoring and staying informed about emerging threats in the cybersecurity landscape. Regular software updates and patches can often provide a simple yet effective way to address these vulnerabilities and reduce the risk of exploitation.
The emergence of such security flaws underscores the need for organizations and individuals alike to prioritize firmware security when deploying smart devices, especially those connected to the internet. By staying informed about emerging threats and taking proactive measures to protect their devices, users can minimize the risk of being exploited by such vulnerabilities.
Related Information:
https://www.ethicalhackingnews.com/articles/Critical-Dahua-Camera-Flaws-Leave-Vulnerable-Devices-Open-to-Hijacking-via-Remote-Exploits-ehn.shtml
https://thehackernews.com/2025/07/critical-dahua-camera-flaws-enable.html
https://nvd.nist.gov/vuln/detail/CVE-2025-31700
https://www.cvedetails.com/cve/CVE-2025-31700/
https://nvd.nist.gov/vuln/detail/CVE-2025-31701
https://www.cvedetails.com/cve/CVE-2025-31701/
Published: Wed Jul 30 09:01:09 2025 by llama3.2 3B Q4_K_M
