Critical vulnerabilities discovered in Dahua smart cameras could allow unauthenticated attackers to remotely hijack devices, execute arbitrary commands, and gain root-level access. These flaws, affecting the ONVIF protocol and file upload handlers, pose a significant risk to surveillance systems in various sectors.

Dahua Camera Vulnerabilities Detailed

Cybersecurity researchers have identified two critical vulnerabilities, CVE-2025-31700 and CVE-2025-31701, in the firmware of Dahua smart cameras. These flaws, with CVSS scores of 8.1, are buffer overflow vulnerabilities that can be exploited by sending specially crafted malicious packets. The vulnerabilities affect specific Dahua camera series with build timestamps prior to April 16, 2025. Users can check their device's build time via the web interface under Settings -> System Information -> Version.

Exploitation and Impact

• Remote Code Execution (RCE): Attackers can achieve RCE by exploiting the ONVIF request handler (CVE-2025-31700) or the RPC file upload handler (CVE-2025-31701).

• Unauthenticated Access: The vulnerabilities are unauthenticated, meaning attackers do not need login credentials to exploit them.

• Local Network Exploitation: Attacks can be launched over the local network, with devices exposed to the internet via port forwarding or UPnP being particularly at risk.

• Persistence: Successful exploitation allows attackers to gain root-level access, bypass firmware integrity checks, and load unsigned payloads, making cleanup difficult.

• Denial-of-Service (DoS): Even with protections like ASLR, denial-of-service attacks remain a concern.

Affected Dahua Camera Models

The following Dahua camera series are affected if their firmware build timestamp is before April 16, 2025:

• IPC-1XXX Series

• IPC-2XXX Series

• IPC-WX Series

• IPC-ECXX Series

• SD3A Series

• SD2A Series

• SD3D Series

• SDT2A Series

• SD2C Series

Additionally, a previously disclosed vulnerability (CVE-2022-30563) affected Dahua's implementation of the ONVIF WS-UsernameToken authentication mechanism, allowing attackers to replay captured credentials to gain full device access. This vulnerability impacted specific Dahua ASI7XXX, IPC-HDBW2XXX, and IPC-HX2XXX models with versions prior to specific patches released in June 2022.

Mitigation and Recommendations

Dahua has released patches to address these vulnerabilities. Users are strongly advised to update their devices to the latest firmware version. Security best practices include minimizing device exposure on the public internet and utilizing secure protocols like HTTPS for all camera interactions to prevent exploitation.

As cyber threats become increasingly sophisticated, your security strategy must evolve to keep pace. BetterWorld Technology offers adaptive cybersecurity solutions that grow with the threat landscape, helping your business stay secure while continuing to innovate. Reach out today to schedule your personalized consultation.

Sources

• Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits, The Hacker News.

• A flaw in Dahua IP Cameras allows full take over of the devices, Security Affairs.

• Nozomi probes deeper into security vulnerability that hackers can exploit to compromise Dahua IP cameras -Industrial Cyber, Industrial Cyber.