BDU:2025-10933 | Уязвимость камер видеонаблюдения Dahua, связанная

📄 Описание

Уязвимость камер видеонаблюдения Dahua связана с копированием в буфер без проверки размера входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код или вызвать отказ в обслуживании

🖥️ Уязвимое ПО

Dahua Technology Co., Ltd.

Наименование ПО: DH-IPC-HFW1230S1-A-S5, DH-IPC-HDW1230T1-A-S5, DH-IPC-HFW1239S1-A-LED-S5, DH-IPC-HDW1239T1-A-LED-S5, DH-IPC-HFW1230S-A-S5, DH-IPC-HFW1239S1-LED-S5, DH-IPC-HDW1230T-A-S5, DH-IPC-HFW1230TL2-S5, DH-IPC-HDW1230T2-S5, DH-IPC-HFW1439TL1-PV, DH-IPC-HFW1430S1-S5, DH-IPC-HDW1430T1-A-S5, DH-IPC-HDW1430T1-S5, DH-IPC-HFW1430S-S5, DH-IPC-HFW1430S-A-S5, DH-IPC-HDPW1430R1-S5, DH-IPC-HDW1430T-A-S5, DH-IPC-HDW1430T-S5, DH-IPC-HDBW1430E-S5, DH-IPC-HDBW1830E-S6, DH-IPC-HFW1830S-S6, DH-IPC-HDW1830T-S6, DH-IPC-HFW1431S1-A-S4, DH-IPC-HDW1431T1-A-S4, DH-IPC-HFW1431M-A-I1-B-S4, DH-IPC-HFW1431M-A-I2-B-S4, DH-IPC-HDBW1530E-S6, DH-IPC-HFW1530S-S6, DH-IPC-HDW1530T-S6, DH-IPC-HDBW1230E-S5, DH-IPC-HDPW1230R1-S5, DH-IPC-HFW1230S1-S5, DH-IPC-HFW1230M-A-I1-B-S5, DH-IPC-HFW1230M-A-I2-B-S5, DH-IPC-HFW1230DS1-S5, DH-IPC-HDW1230T1-S5, DH-IPC-HDW1230S-S5, DH-IPC-HFW1230S-S5, DH-IPC-HFW1239S-A-LED-S5, DH-IPC-HFW1239V-A-LED-B, DH-IPC-HDPW1230R1-ZS-S5, DH-IPC-HDW1330T1-S5, DH-IPC-HDW1230T1-ZS-S5, DH-IPC-HFW1330S1-S5, DH-IPC-HFW1230T1-ZS-S5, DH-IPC-HDBW1230R-ZS-S5, DH-IPC-HDW1330S-S5, DH-IPC-HDW1230T-ZS-S5, DH-IPC-HFW1330S-S5, DH-IPC-HFW1230T-ZS-S5, DH-IPC-HFW1439S-A-LED-S4, DH-IPC-HDW1239T-A-LED-S5, DH-IPC-HDW1439T-A-LED-S4, DH-IPC-HFW2249S-S-IL, DH-IPC-HFW2449S-S-IL, DH-IPC-HDW2249T-S-IL, DH-IPC-HDW2449T-S-IL, DH-IPC-HFW2241S-S, DH-IPC-HFW2441S-S, DH-IPC-HDW2241T-S, DH-IPC-HDW2441T-S, DH-IPC-HDW2241TM-S, DH-IPC-HDW2441TM-S, DH-IPC-HDBW2241R-ZAS, DH-IPC-HDBW2241R-ZS, DH-IPC-HDBW2441R-ZAS, DH-IPC-HDBW2441R-ZS, DH-IPC-HDW2241T-ZS, DH-IPC-HDW2441T-ZS, DH-IPC-HDBW2241E-S, DH-IPC-HDBW2441E-S, DH-IPC-HFW2241T-AS, DH-IPC-HFW2241T-ZAS, DH-IPC-HFW2241T-ZS, DH-IPC-HFW2441T-ZAS, DH-IPC-HFW2441T-ZS, DH-IPC-HDW2249TM-S-IL, DH-IPC-HDW2449TM-S-IL, DH-IPC-HFW2249T-AS-IL, DH-IPC-HFW2449T-AS-IL, DH-IPC-HFW1230DT-STW, DH-IPC-HFW1430DT-STW, DH-IPC-HDW1230DT-STW, DH-IPC-HDW1430DT-STW, DH-IPC-HFW1230DS-SAW, DH-IPC-HFW1430DS-SAW, DH-IPC-HDBW1230DE-SW, DH-IPC-HDBW1430DE-SW, DH-IPC-HFW1230DS1-SAW, DH-IPC-HFW1430DS1-SAW, DH-IPC-HDW1230DT-SAW, DH-IPC-HDW1430DT-SAW, DH-H2C, DH-H4C, DH-F2C-PV, DH-F2C-LED, DH-T2A-LED, DH-T2A-PV, DH-T4A-PV, DH-T4A-LED, DH-F4C-PV, DH-F4C-LED, DH-P5AE-PV, DH-P3D-3F-PV-4G, DH-P3AE-PV-4G, DH-P5AE-PV-4G, DH-P3AE-PV, DH-SD2A200-GN-A-PV, DH-SD2A500-GN-A-PV, DH-SD3A200-GN-A-PV, DH-SD3A400-GN-A-PV, DH-SD2A200-GN-AW-PV, DH-SD2A500-GN-AW-PV, DH-SD3A405-GN-PV1, DH-SD2A500HB-GN-AW-PV-S2, DH-SD2A200HB-GN-AW-PV-S2, DH-SD2A500HB-GN-A-PV-S2, DH-SD2A200HB-GN-A-PV-S2, DH-SD3D216NB-GNY, DH-SD2C405NB-GNY-A-PV-S2, DH-SD2A300NB-GNY-A-PV, DH-SD2A500NB-GNY-A-PV, DH-SD3D416NB-GNY, DH-SDT2A200-2F-NB-A-PV, DH-ECA2A1400-HN

Версия ПО: - (DH-IPC-HFW1230S1-A-S5), - (DH-IPC-HDW1230T1-A-S5), - (DH-IPC-HFW1239S1-A-LED-S5), - (DH-IPC-HDW1239T1-A-LED-S5), - (DH-IPC-HFW1230S-A-S5), - (DH-IPC-HFW1239S1-LED-S5), - (DH-IPC-HDW1230T-A-S5), - (DH-IPC-HFW1230TL2-S5), - (DH-IPC-HDW1230T2-S5), - (DH-IPC-HFW1439TL1-PV), - (DH-IPC-HFW1430S1-S5), - (DH-IPC-HDW1430T1-A-S5), - (DH-IPC-HDW1430T1-S5), - (DH-IPC-HFW1430S-S5), - (DH-IPC-HFW1430S-A-S5), - (DH-IPC-HDPW1430R1-S5), - (DH-IPC-HDW1430T-A-S5), - (DH-IPC-HDW1430T-S5), - (DH-IPC-HDBW1430E-S5), - (DH-IPC-HDBW1830E-S6), - (DH-IPC-HFW1830S-S6), - (DH-IPC-HDW1830T-S6), - (DH-IPC-HFW1431S1-A-S4), - (DH-IPC-HDW1431T1-A-S4), - (DH-IPC-HFW1431M-A-I1-B-S4), - (DH-IPC-HFW1431M-A-I2-B-S4), - (DH-IPC-HDBW1530E-S6), - (DH-IPC-HFW1530S-S6), - (DH-IPC-HDW1530T-S6), - (DH-IPC-HDBW1230E-S5), - (DH-IPC-HDPW1230R1-S5), - (DH-IPC-HFW1230S1-S5), - (DH-IPC-HFW1230M-A-I1-B-S5), - (DH-IPC-HFW1230M-A-I2-B-S5), - (DH-IPC-HFW1230DS1-S5), - (DH-IPC-HDW1230T1-S5), - (DH-IPC-HDW1230S-S5), - (DH-IPC-HFW1230S-S5), - (DH-IPC-HFW1239S-A-LED-S5), - (DH-IPC-HFW1239V-A-LED-B), - (DH-IPC-HDPW1230R1-ZS-S5), - (DH-IPC-HDW1330T1-S5), - (DH-IPC-HDW1230T1-ZS-S5), - (DH-IPC-HFW1330S1-S5), - (DH-IPC-HFW1230T1-ZS-S5), - (DH-IPC-HDBW1230R-ZS-S5), - (DH-IPC-HDW1330S-S5), - (DH-IPC-HDW1230T-ZS-S5), - (DH-IPC-HFW1330S-S5), - (DH-IPC-HFW1230T-ZS-S5), - (DH-IPC-HFW1439S-A-LED-S4), - (DH-IPC-HDW1239T-A-LED-S5), - (DH-IPC-HDW1439T-A-LED-S4), - (DH-IPC-HFW2249S-S-IL), - (DH-IPC-HFW2449S-S-IL), - (DH-IPC-HDW2249T-S-IL), - (DH-IPC-HDW2449T-S-IL), - (DH-IPC-HFW2241S-S), - (DH-IPC-HFW2441S-S), - (DH-IPC-HDW2241T-S), - (DH-IPC-HDW2441T-S), - (DH-IPC-HDW2241TM-S), - (DH-IPC-HDW2441TM-S), - (DH-IPC-HDBW2241R-ZAS), - (DH-IPC-HDBW2241R-ZS), - (DH-IPC-HDBW2441R-ZAS), - (DH-IPC-HDBW2441R-ZS), - (DH-IPC-HDW2241T-ZS), - (DH-IPC-HDW2441T-ZS), - (DH-IPC-HDBW2241E-S), - (DH-IPC-HDBW2441E-S), - (DH-IPC-HFW2241T-AS), - (DH-IPC-HFW2241T-ZAS), - (DH-IPC-HFW2241T-ZS), - (DH-IPC-HFW2441T-ZAS), - (DH-IPC-HFW2441T-ZS), - (DH-IPC-HDW2249TM-S-IL), - (DH-IPC-HDW2449TM-S-IL), - (DH-IPC-HFW2249T-AS-IL), - (DH-IPC-HFW2449T-AS-IL), - (DH-IPC-HFW1230DT-STW), - (DH-IPC-HFW1430DT-STW), - (DH-IPC-HDW1230DT-STW), - (DH-IPC-HDW1430DT-STW), - (DH-IPC-HFW1230DS-SAW), - (DH-IPC-HFW1430DS-SAW), - (DH-IPC-HDBW1230DE-SW), - (DH-IPC-HDBW1430DE-SW), - (DH-IPC-HFW1230DS1-SAW), - (DH-IPC-HFW1430DS1-SAW), - (DH-IPC-HDW1230DT-SAW), - (DH-IPC-HDW1430DT-SAW), - (DH-H2C), - (DH-H4C), - (DH-F2C-PV), - (DH-F2C-LED), - (DH-T2A-LED), - (DH-T2A-PV), - (DH-T4A-PV), - (DH-T4A-LED), - (DH-F4C-PV), - (DH-F4C-LED), - (DH-P5AE-PV), - (DH-P3D-3F-PV-4G), - (DH-P3AE-PV-4G), - (DH-P5AE-PV-4G), - (DH-P3AE-PV), - (DH-SD2A200-GN-A-PV), - (DH-SD2A500-GN-A-PV), - (DH-SD3A200-GN-A-PV), - (DH-SD3A400-GN-A-PV), - (DH-SD2A200-GN-AW-PV), - (DH-SD2A500-GN-AW-PV), - (DH-SD3A405-GN-PV1), - (DH-SD2A500HB-GN-AW-PV-S2), - (DH-SD2A200HB-GN-AW-PV-S2), - (DH-SD2A500HB-GN-A-PV-S2), - (DH-SD2A200HB-GN-A-PV-S2), - (DH-SD3D216NB-GNY), - (DH-SD2C405NB-GNY-A-PV-S2), - (DH-SD2A300NB-GNY-A-PV), - (DH-SD2A500NB-GNY-A-PV), - (DH-SD3D416NB-GNY), - (DH-SDT2A200-2F-NB-A-PV), - (DH-ECA2A1400-HN)

Тип ПО: Сетевое средство, ПО сетевого программно-аппаратного средства

ОС / платформа: —

⚙️ Технические сведения

Тип ошибки

Копирование буфера без проверки размера входных данных (классическое переполнение буфера) (CWE-120)

Класс уязвимости

Уязвимость кода

Дата выявления

23.07.2025

Способ эксплуатации

Манипулирование структурами данных

Способ устранения

Данные уточняются

Статус уязвимости

Потенциальная уязвимость

Наличие эксплойта

Данные уточняются

Устранение

Информация об устранении отсутствует

📊 CVSS

CVSS 2.0

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS 3.0

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

⚠️ Уровень опасности

Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 7,6)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 8,1)

🔗 Источники и меры

🔗 https://www.dahuasecurity.com/aboutUs/trustedCente...

🏷️ Идентификаторы

CVE-2025-31701

📅 Даты

Дата публикации

10.09.2025

Последнее обновление

10.09.2025

Детали уязвимости