CVE-2022-45432 (dhi-dss4004-s2_firmware, dhi-dss7016d-s2_firmware, dhi-dss7016dr-s2_firmware, dss_express, dss_professional)

Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.Read More