CVE-2022-45424

Published: Dic 27, 2022 Last Modified: Apr 14, 2025 EU-VD ID: EUVD-2022-48296 Aliases: GSD-2022-45424
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key. An attacker can obtain the AES crypto key by sending a specific crafted packet to the vulnerable interface.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0010
Percentile
0,3th
Updated

EPSS Score Trend (Last 90 Days)

306

Missing Authentication for Critical Function

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Other
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Cloud Computing, ICS/OT
Likelihood of Exploit: High
View CWE Details
Operating System

Dhi-Dss7016Dr-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016Dr-S2 Firmware
Version 8.0.4
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.0.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss4004-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss4004-S2 Firmware
Version 8.0.4
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.0.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016D-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016D-S2 Firmware
Version 8.0.2
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Express by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Express
Version 8.0.4
cpe:2.3:a:dahuasecurity:dss_express:8.0.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Express by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Express
Version 7.002.1760000.2
cpe:2.3:a:dahuasecurity:dss_express:7.002.1760000.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss4004-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss4004-S2 Firmware
Version 8.0.2
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Professional by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Professional
Version 8.1
cpe:2.3:a:dahuasecurity:dss_professional:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Express by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Express
Version 8.0.2
cpe:2.3:a:dahuasecurity:dss_express:8.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Professional by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Professional
Version 8.1.1
cpe:2.3:a:dahuasecurity:dss_professional:8.1.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016Dr-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016Dr-S2 Firmware
Version 8.1
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016D-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016D-S2 Firmware
Version 8.0.4
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.0.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss4004-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss4004-S2 Firmware
Version 8.1
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Professional by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Professional
Version 8.0.2
cpe:2.3:a:dahuasecurity:dss_professional:8.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Express by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Express
Version 8.1.1
cpe:2.3:a:dahuasecurity:dss_express:8.1.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Professional by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Professional
Version 7.002.1760000.2
cpe:2.3:a:dahuasecurity:dss_professional:7.002.1760000.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss4004-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss4004-S2 Firmware
Version 1.001.0000001.2
cpe:2.3:o:dahuasecurity:dhi-dss4004-s2_firmware:1.001.0000001.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016Dr-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016Dr-S2 Firmware
Version 8.0.2
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:8.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016D-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016D-S2 Firmware
Version 1.001.0000001.2
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:1.001.0000001.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016D-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016D-S2 Firmware
Version 8.1
cpe:2.3:o:dahuasecurity:dhi-dss7016d-s2_firmware:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Dhi-Dss7016Dr-S2 Firmware by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dhi-Dss7016Dr-S2 Firmware
Version 1.001.0000001.2
cpe:2.3:o:dahuasecurity:dhi-dss7016dr-s2_firmware:1.001.0000001.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Professional by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Professional
Version 8.0.4
cpe:2.3:a:dahuasecurity:dss_professional:8.0.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dss Express by Dahuasecurity

Product Information
Vendor Dahuasecurity
Product Dss Express
Version 8.1
cpe:2.3:a:dahuasecurity:dss_express:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.dahuasecurity.com/support/cybersecurity/details…
Patch Vendor Advisory
https://www.dahuasecurity.com/support/cybersecurity/details/1137
https://www.dahuasecurity.com/support/cybersecurity/details…
Patch Vendor Advisory
https://www.dahuasecurity.com/support/cybersecurity/details/1137