System Security Vulnerability Was Found In Some Dahua Devices
Security Notification – System security vulnerability was found in some Dahua devices
Notification ID: DHCC-201703-01
First Published: March 17, 2017
Not listed in CVE
A system security vulnerability was found in some Dahua products. This vulnerability could be exploited to attack products that are reachable online through port forwarding (open access to the internet).
Some products can be accessed remotely using the 888888 (local only) account, which is not intended for remote access.
Some products could also be vulnerable to a script that can read existing passwords and allow access to online devices even if their default passwords have been changed.
Vulnerable devices can have their settings changed remotely, including camera brightness, contrast and channel name.
In some cases the channel name is changed to “HACKED” or “FIRMWARE”.
In some cases the network settings are also changed to prevent remote access.
| IP NVRs | HDCVI DVRs |
| HDCVI XVRs | NEXUS NVRs |
Check if your device is at risk:
Your unit MAY be vulnerable if:
1. You purchased your device from COP Security before 1st April 2017
2. Your device is connected to the internet
Please note: Devices purchased from COP Security after 1st April 2017 have the latest firmware already installed (that addresses this vulnerability), and any units not connected to the internet are not vulnerable. We still strongly recommend following our Best Practice Information section to ensure maximum security for your networked device.
Please also note: If your device was purchased before April 2017, it may already have the latest firmware that addresses this vulnerability. Please check the version number of the firmware in your device against the list of the latest versions on our update firmware page.