Dahua Embedded Products Privilege Escalation Vulnerability via HTTP Request

A vulnerability in certain Dahua embedded products allows third-party attackers with normal user credentials to access data restricted to admin privileges. This includes sensitive system files through specific HTTP requests. Exploitation of this vulnerability could lead to unauthorized tampering with admin passwords, facilitating privilege escalation. Notably, systems with only an admin account are not affected. The vulnerability impacts Dahua IPC-1XXX Series, IPC-2XXX Series, IPC-WX Series, IPC-ECXX Series, SD3A Series, SD2A Series, SD3D Series, SDT2A Series, SD2C Series, TPC-AEBF5201 Series, and TPC-CA Series, all running versions built prior to July 1, 2025.

Impact

Exploitation of this vulnerability could result in unauthorized access to admin-restricted data, manipulation of admin passwords, and subsequent privilege escalation.

Remediation

Users are advised to download the latest version of the product from the Dahua Official Website or contact local Dahua technical support for assistance. For products with cloud upgrade capability, the repaired version can be obtained through a cloud upgrade.