medium
6.5
Advisory Published
Updated

CVE-2024-39947

First published: Wed Jul 31 2024(Updated: )

A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.

Credit: cybersecurity@dahuatech.com

Affected SoftwareAffected VersionHow to fix
All of
Dahuasecurity Nvr4104-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4104-4KS2/L
All of
Dahua Security NVR4108-4KS2/L Firmware=4.003.0000000.1.r.240515
Dahuasecurity Nvr4108-4ks2/l
All of
Dahua Security NVR4116-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4116-4KS2/L Firmware
All of
Dahuasecurity Nvr4104-p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4104-P-4KS2/L
All of
Dahuasecurity NVR4108-P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4108-P-4KS2/L Firmware
All of
Dahuasecurity Nvr4108-8p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahuasecurity Nvr4108-8p-4ks2/l
All of
Dahuasecurity Nvr4116-8p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4116-8P-4KS2/L
All of
Dahuasecurity Nvr4104hs-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4104HS-4KS2/L
All of
Dahua Security NVR4108HS-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity Nvr4108hs-4ks2/l
All of
Dahua Security NVR4104HS-P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4104HS-P-4KS2/L
All of
Dahuasecurity Nvr4108hs-p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua NVR4108HS-P-4KS2/L
All of
Dahuasecurity NVR4108HS-8P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity Nvr4108hs-8p-4ks2/l
All of
Dahua Technology NVR4116HS-8P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4116HS-8P-4KS2/L
All of
Dahuasecurity NVR4204-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4204-4KS2/L
All of
Dahuasecurity Nvr4208-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4208-4KS2/L
All of
Dahua Security NVR4216-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahua NVR4216-4KS2/L
All of
Dahuasecurity Nvr4204-p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4204-P-4KS2/L
All of
Dahuasecurity Nvr4208-8p-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4208-8P-4KS2/L
All of
Dahuasecurity NVR4216-16P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4216-16P-4KS2/L
All of
Dahuasecurity Nvr4232-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4232-4KS2/L
All of
Dahua Security NVR4232-16P-4KS2/L Firmware<4.003.0000000.1.r.240515
Dahuasecurity NVR4232-16P-4KS2/L
All of
Dahuasecurity Nvr4116hs-4ks2/l Firmware<4.003.0000000.1.r.240515
Dahua Security NVR4116HS-4KS2/L
All of
Dahuasecurity NVR4416-4KS2/i Firmware<4.001.0000001.6.r.240725
Dahua NVR4416-4KS2/i
All of
Dahuasecurity NVR4416-16P-4KS2/i Firmware<4.001.0000001.6.r.240725
Dahua NVR4416-16P-4KS2/i
All of
Dahuasecurity Nvr4432-16p-4ks2/i Firmware<4.001.0000001.6.r.240725
Dahua Security NVR4432-16P-4KS2/i
All of
Dahuasecurity Nvr4816-4ks2/i Firmware<4.001.0000001.6.r.240725
Dahuasecurity Nvr4816-4ks2/i
All of
Dahuasecurity Nvr4816-16p-4ks2/i Firmware<4.001.0000001.6.r.240725
Dahuasecurity Nvr4816-16p-4ks2/i
All of
Dahuasecurity Nvr4832-4ks2/i Firmware<4.001.0000001.6.r.240725
Dahuasecurity Nvr4832-4ks2/i
All of
Dahuasecurity NVR4832-16P-4KS2/I Firmware<4.001.0000001.6.r.240725
Dahua NVR4832-16P-4KS2/I
All of
Dahua NVR4432-4KS2/I Firmware<4.001.0000001.6.r.240725
Dahuasecurity NVR4432-4KS2/i
All of
Dahuasecurity NVR4232-16P-4KS3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4232-4ks3 Firmware
All of
Dahuasecurity Nvr4232-16p-4ks3<4.003.0000000.0.r.240312
Dahuasecurity NVR4232-16P-4KS3 Firmware
All of
Dahua Security NVR4216-4KS3<4.003.0000000.0.r.240312
Dahua Security NVR4216-4KS3
All of
Dahuasecurity NVR4216-16P-4KS3<4.003.0000000.0.r.240312
Dahuasecurity NVR4216-16P-4KS3 Firmware
All of
Dahuasecurity Nvr4208-8p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahua Security NVR4208-8P-4KS3
All of
Dahuasecurity Nvr4208-4ks3 Firmware<4.003.0000000.0.r.240312
Dahua Security NVR4208-4KS3
All of
Dahua NVR4204-P-4KS3 Firmware<4.003.0000000.0.r.240312
Dahua NVR4204-P-4KS3 Firmware
All of
Dahuasecurity Nvr4204-4ks3 Firmware<4.003.0000000.0.r.240312
Dahua Security NVR4204-4KS3
All of
Dahua Security NVR4116HS-8P-4KS3<4.003.0000000.0.r.240312
Dahua Security NVR4116HS-8P-4KS3
All of
Dahua Security NVR4116HS-4KS3<4.003.0000000.0.r.240312
Dahua Security NVR4116HS-4KS3
All of
Dahuasecurity Nvr4108hs-p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4108hs-p-4ks3 Firmware
All of
Dahuasecurity Nvr4108hs-8p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4108hs-8p-4ks3 Firmware
All of
Dahuasecurity Nvr4108hs-4ks3(960g) Firmware<4.003.0000000.0.r.240312
Dahua NVR4108HS-4KS3(960G)
All of
Dahua Security NVR4104HS-P-4KS3 (960G)<4.003.0000000.0.r.240312
Dahua Security NVR4104HS-P-4KS3
All of
Dahuasecurity Nvr4104hs-4ks3(960g) Firmware<4.003.0000000.0.r.240312
Dahuasecurity NVR4104HS-4KS3 (960G)
All of
Dahuasecurity Nvr4116-8p-4ks3<4.003.0000000.0.r.240312
Dahuasecurity Nvr4116-8p-4ks3 Firmware
All of
Dahuasecurity NVR4116HS-4KS3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4116-4ks3 Firmware
All of
Dahuasecurity Nvr4108-p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4108-p-4ks3 Firmware
All of
Dahuasecurity Nvr4104-4ks3<4.003.0000000.0.r.240312
Dahuasecurity NVR4104HS-4KS3 (960G)
All of
Dahuasecurity Nvr4108-8p-4ks3<4.003.0000000.0.r.240312
Dahuasecurity Nvr4108-8p-4ks3 Firmware
All of
Dahua Technology NVR4108-4KS3 Firmware<4.003.0000000.0.r.240312
Dahua Technology NVR4108-4KS3 Firmware
All of
Dahuasecurity Nvr4104-p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahuasecurity Nvr4104-p-4ks3 Firmware
All of
Dahuasecurity Nvr4104hs-p-4ks3(960g) Firmware<4.003.0000000.0.r.240312
Dahua Security NVR4104HS-P-4KS3 (960G)
All of
Dahuasecurity Nvr4104hs-4ks3(960g) Firmware<4.003.0000000.0.r.240312
Dahuasecurity NVR4104HS-4KS3 (960G)
All of
Dahuasecurity Nvr4108hs-4ks3(960g) Firmware<4.003.0000000.0.r.240312
Dahua NVR4108HS-4KS3(960G)
All of
Dahuasecurity Nvr4104-p-4ks3 Firmware<4.003.0000000.0.r.240312
Dahua Security NVR4104-P-4KS3 (960G)

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-39947?

    CVE-2024-39947 is considered to be a critical vulnerability due to the potential for device crashes following unauthorized access.

  • How do I fix CVE-2024-39947?

    To mitigate CVE-2024-39947, update the firmware of affected Dahua devices to the latest version provided by the manufacturer.

  • Which devices are affected by CVE-2024-39947?

    Affected devices include specific Dahua NVR models, such as NVR4104-4KS2/L, NVR4108-4KS2/L, and several others referenced in the firmware details.

  • How can an attacker exploit CVE-2024-39947?

    An attacker can exploit CVE-2024-39947 by sending a specially crafted data packet after obtaining valid user credentials.

  • What are the consequences of exploiting CVE-2024-39947?

    Exploiting CVE-2024-39947 can lead to a device crash, resulting in potential downtime and loss of functionality for the affected Dahua products.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203