Back to search
CVE-2020-9502
Published: May 13, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.
| Vendor | Product | Versions |
|---|---|---|
n/a | IPC-HX2XXX Series,IPC-HXXX5X4X Series,IPC-HX5842H,IPC-HX7842H,NVR 5x Series,NVR 4x Series,SD6AL Series,SD5A Series,SD1A Series,PTZ1A Series,SD50/52C Series,IPC-HFW1431S | affected Versions which Build time before December,2019 |
References
https://www.dahuasecurity.com/support/cybersecurity/details/777
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now