What is the vulnerability ID of this Dahua software vulnerability?

The vulnerability ID of this Dahua software vulnerability is CVE-2022-45429.

What is the severity of CVE-2022-45429?

The severity of CVE-2022-45429 is high, with a severity value of 7.5.

Which Dahua software products are affected by CVE-2022-45429?

Dahuasecurity Dss Express versions 7.002.1760000.2, 8.0.2, 8.0.4, 8.1, and 8.1.1, as well as Dahuasecurity Dss Professional versions 7.002.1760000.2, 8.0.2, 8.0.4, and 8.1.1 are affected by CVE-2022-45429.

What is the vulnerability type of CVE-2022-45429?

The vulnerability type of CVE-2022-45429 is server-side request forgery (SSRF).

How can an attacker exploit CVE-2022-45429?

An attacker can exploit CVE-2022-45429 by accessing internal resources through concatenating specific URL links.

Vulnerability/
CVE-2022-45429

high

7.5

CWE

918

27/12/2022

3/8/2024

CVE-2022-45429: SSRF

First published: Tue Dec 27 2022(Updated: )

Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules.

Credit: cybersecurity@dahuatech.com

Affected Software	Affected Version	How to fix
Dahuasecurity Dss Express	=7.002.1760000.2
Dahuasecurity Dss Express	=8.0.2
Dahuasecurity Dss Express	=8.0.4
Dahuasecurity Dss Express	=8.1
Dahuasecurity Dss Express	=8.1.1
Dahuasecurity Dss Professional	=7.002.1760000.2
Dahuasecurity Dss Professional	=8.0.2
Dahuasecurity Dss Professional	=8.0.4
Dahuasecurity Dss Professional	=8.1
Dahuasecurity Dss Professional	=8.1.1
Dahuasecurity Dhi-dss7016d-s2 Firmware	=1.001.0000001.2
Dahuasecurity Dhi-dss7016d-s2 Firmware	=8.0.2
Dahuasecurity Dhi-dss7016d-s2 Firmware	=8.0.4
Dahuasecurity Dhi-dss7016d-s2 Firmware	=8.1
Dahuasecurity Dhi-dss7016d-s2
Dahuasecurity Dhi-dss7016dr-s2 Firmware	=1.001.0000001.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware	=8.0.2
Dahuasecurity Dhi-dss7016dr-s2 Firmware	=8.0.4
Dahuasecurity Dhi-dss7016dr-s2 Firmware	=8.1
Dahuasecurity Dhi-dss7016dr-s2
Dahuasecurity Dhi-dss4004-s2 Firmware	=1.001.0000001.2
Dahuasecurity Dhi-dss4004-s2 Firmware	=8.0.2
Dahuasecurity Dhi-dss4004-s2 Firmware	=8.0.4
Dahuasecurity Dhi-dss4004-s2 Firmware	=8.1
Dahuasecurity Dhi-dss4004-s2

Remedy

https://www.dahuasecurity.com/support/cybersecurity/details/1137

Never miss a vulnerability like this again

Reference Links

https://www.dahuasecurity.com/support/cybersecurity/details/1137

Frequently Asked Questions

What is the vulnerability ID of this Dahua software vulnerability?
The vulnerability ID of this Dahua software vulnerability is CVE-2022-45429.
What is the severity of CVE-2022-45429?
The severity of CVE-2022-45429 is high, with a severity value of 7.5.
Which Dahua software products are affected by CVE-2022-45429?
Dahuasecurity Dss Express versions 7.002.1760000.2, 8.0.2, 8.0.4, 8.1, and 8.1.1, as well as Dahuasecurity Dss Professional versions 7.002.1760000.2, 8.0.2, 8.0.4, and 8.1.1 are affected by CVE-2022-45429.
What is the vulnerability type of CVE-2022-45429?
The vulnerability type of CVE-2022-45429 is server-side request forgery (SSRF).
How can an attacker exploit CVE-2022-45429?
An attacker can exploit CVE-2022-45429 by accessing internal resources through concatenating specific URL links.

collector/nvd-index
agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/remedy
agent/tags
collector/mitre-cve
source/MITRE
vendor/dahuasecurity
canonical/dahuasecurity dss express
version/dahuasecurity dss express/7.002.1760000.2
version/dahuasecurity dss express/8.0.2
version/dahuasecurity dss express/8.0.4
version/dahuasecurity dss express/8.1
version/dahuasecurity dss express/8.1.1
canonical/dahuasecurity dss professional
version/dahuasecurity dss professional/7.002.1760000.2
version/dahuasecurity dss professional/8.0.2
version/dahuasecurity dss professional/8.0.4
version/dahuasecurity dss professional/8.1
version/dahuasecurity dss professional/8.1.1
canonical/dahuasecurity dhi-dss7016d-s2 firmware
version/dahuasecurity dhi-dss7016d-s2 firmware/1.001.0000001.2
version/dahuasecurity dhi-dss7016d-s2 firmware/8.0.2
version/dahuasecurity dhi-dss7016d-s2 firmware/8.0.4
version/dahuasecurity dhi-dss7016d-s2 firmware/8.1
canonical/dahuasecurity dhi-dss7016d-s2
canonical/dahuasecurity dhi-dss7016dr-s2 firmware
version/dahuasecurity dhi-dss7016dr-s2 firmware/1.001.0000001.2
version/dahuasecurity dhi-dss7016dr-s2 firmware/8.0.2
version/dahuasecurity dhi-dss7016dr-s2 firmware/8.0.4
version/dahuasecurity dhi-dss7016dr-s2 firmware/8.1
canonical/dahuasecurity dhi-dss7016dr-s2
canonical/dahuasecurity dhi-dss4004-s2 firmware
version/dahuasecurity dhi-dss4004-s2 firmware/1.001.0000001.2
version/dahuasecurity dhi-dss4004-s2 firmware/8.0.2
version/dahuasecurity dhi-dss4004-s2 firmware/8.0.4
version/dahuasecurity dhi-dss4004-s2 firmware/8.1
canonical/dahuasecurity dhi-dss4004-s2