CVE-2022-45423 (dhi-dss4004-s2_firmware, dhi-dss7016d-s2_firmware, dhi-dss7016dr-s2_firmware, dss_express, dss_professional)

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface (the credentials cannot be directly exploited).Read More