CVE-2019-9680
First published: Wed Sep 18 2019(Updated: )
Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.
Credit: cybersecurity@dahuatech.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dahua IPC-HDW1122 | <2019-08-18 | |
| Dahua IPC-HDW1122 | ||
| Dahua IPC-HFW1120 | <2019-08-18 | |
| Dahua IPC-HFW1120 | ||
| Dahua IPC-HDW222 | <2019-08-18 | |
| Dahua IPC-HDW222 | ||
| Dahuasecurity Ipc-hfw2x2x Firmware | <2019-08-18 | |
| Dahua IPC-HFW2X2X | ||
| Dahuasecurity IPC-HDW4X2X Firmware | <2019-08-18 | |
| Dahuasecurity IPC-HDW4X2X Firmware | ||
| Dahuasecurity IPC-HFW4X2X | <2019-08-18 | |
| Dahuasecurity IPC-HFW4X2X | ||
| Dahua IPC-HDBW4X2X Firmware | <2019-08-18 | |
| Dahua IPC-HDBW4X2X | ||
| Dahuasecurity IPC-HDW52XX Firmware | <2019-08-18 | |
| Dahuasecurity IPC-HDW52XX Firmware | ||
| Dahua IPC-HFW5X2X | <2019-08-18 | |
| Dahua IPC-HFW5X2X |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-9680?
CVE-2019-9680 is a vulnerability found in some Dahua products that allows attackers to obtain the IP address and device model information of the device by constructing malicious data packets.
Which products are affected by CVE-2019-9680?
The affected products include IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X, IPC-HFW5X2X.
How severe is CVE-2019-9680?
CVE-2019-9680 has a severity rating of 5.3, which is considered medium.
How can I fix CVE-2019-9680?
To fix CVE-2019-9680, update your Dahua products to a version equal to or later than 2019-08-18.
Where can I find more information about CVE-2019-9680?
You can find more information about CVE-2019-9680 on the Dahua Security website at https://www.dahuasecurity.com/support/cybersecurity/details/637.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/remedy
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dahuasecurity
- canonical/dahua ipc-hdw1122
- canonical/dahua ipc-hfw1120
- canonical/dahua ipc-hdw222
- canonical/dahuasecurity ipc-hfw2x2x firmware
- canonical/dahua ipc-hfw2x2x
- canonical/dahuasecurity ipc-hdw4x2x firmware
- canonical/dahuasecurity ipc-hfw4x2x
- canonical/dahua ipc-hdbw4x2x firmware
- canonical/dahua ipc-hdbw4x2x
- canonical/dahuasecurity ipc-hdw52xx firmware
- canonical/dahua ipc-hfw5x2x