Cyber Web Spider Blog – News

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits

Posted on July 30, 2025 by CWS

Jul 30, 2025 | Ravie Lakshmanan | Firmware Security / Vulnerability
Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices.
“The flaws, affecting the device’s ONVIF protocol and file upload handlers, allow unauthenticated attackers to execute arbitrary commands remotely, effectively taking over the device,” Bitdefender said in a report shared with The Hacker News.
The vulnerabilities, tracked as CVE-2025-31700 and CVE-2025-31701 (CVSS scores: 8.1), affect the following devices running versions with build timestamps before April 16, 2025:

  • IPC-1XXX Series
  • IPC-2XXX Series
  • IPC-WX Series
  • IPC-ECXX Series
  • SD3A Series
  • SD2A Series
  • SD3D Series
  • SDT2A Series
  • SD2C Series

It is worth noting that users can view the build time by logging in to the web interface of the device and then navigating to Settings -> System Information -> Version.
Both shortcomings are classified as buffer overflow vulnerabilities that could be exploited by sending specially crafted malicious packets, resulting in denial-of-service or remote code execution (RCE).
Specifically, CVE-2025-31700 has been described as a stack-based buffer overflow in the Open Network Video Interface Forum (ONVIF) request handler, while CVE-2025-31701 concerns an overflow bug in the RPC file upload handler.
“Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation,” Dahua said in an alert released last week. “However, denial-of-service (DoS) attacks remain a concern.”
Given that these models are used for video surveillance in retail, casinos, warehouses, and residential settings, the flaws can have significant consequences as they are unauthenticated and exploitable over the local network.
“Devices exposed to the internet through port forwarding or UPnP are especially at risk,” the Romanian cybersecurity company said. “Successful exploitation provides root-level access to the camera with no user interaction. Because the exploit path bypasses firmware integrity checks, attackers can load unsigned payloads or persist via custom daemons, making cleanup difficult.”
