Greetings, Two independent authentication bypass has been found in Dahua (and their OEMs) devices. Due to the very high potential of another "Dahua mass hack", I will keep Full Disclosure details until October 6, 2021. Highly recommend upgrading the firmware until then.
Dahua advisory: https://www.dahuasecurity.com/support/cybersecurity/details/957 Have a nice day, https://github.com/mcw0/PoC /bashis _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
