CVE-2022-45423 Information

Description

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. An attacker can obtain encrypted MQTT credentials by sending a specific crafted packet to the vulnerable interface (the credentials cannot be directly exploited).

Reference

https://www.dahuasecurity.com/support/cybersecurity/details/1137