CNNVD-202510-2250 Information

Oct 15, 2025 cve

CNNVD ID

CNNVD-202510-2250

CVE-2025-31702

CNNVD Published: 2025-10-15

Description (Chinese)

Dahua IPC和Dahua SD都是中国大华（Dahua）公司的产品。Dahua IPC是大华的一系列工控机。Dahua SD是一系列云台球型摄像机。 Dahua IPC和Dahua SD存在安全漏洞，该漏洞源于第三方恶意攻击者可通过特定HTTP请求访问系统敏感文件等管理员权限数据，可能导致管理员密码篡改和权限提升。

Description (English)

Dahua IPC and Dahua SD are products of Dahua China. Dahua IPC is a series of handlers in China. Dahua SD is a series of cloud billiard-type cameras. There is a security loophole in Dahua IPC and Dahua SD, which stems from the fact that a third party malicious attacker can request access to such administrator rights data as sensitive documents of the system through a specific HTTP, which may lead to the manipulation of the administrator ’ s password and the enhancement of the privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

大华

Published

2025-10-15

Last Modified

2026-02-24

References

https://www.dahuasecurity.com/aboutUs/trustedCenter/details/777 https://access.redhat.com/security/cve/cve-2025-31702

Patch

https://www.dahuasecurity.com/aboutUs/trustedCenter/details/777

Share on: