Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

N/A

Source -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
0Vulnerabilities found
CVE-2022-45432
Assigner-Dahua Technologies
ShareView Details
Assigner-Dahua Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 16.97%
||
7 Day CHG~0.00%
Published-27 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.

Action-Not Available
Vendor-n/aMicrosoft CorporationDahua Technology Co., Ltd
Product-dhi-dss4004-s2_firmwaredhi-dss7016dr-s2_firmwaredhi-dss4004-s2windowsdhi-dss7016d-s2dhi-dss7016d-s2_firmwaredss_professionaldhi-dss7016dr-s2dss_expressDSS Professional、DSS Express、DHI-DSS7016D-S2/DHI-DSS7016DR-S2、DHI-DSS4004-S2
CWE ID-CWE-306
Missing Authentication for Critical Function