Vulnerability in Dahuasecurity Ddh-hcvr4xxx

CVE-2017-7925

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-…

EPSS: 0.804 (99.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2017-7925?
CVE-2017-7925 is a critical-severity vulnerability in Dahuasecurity Ddh-hcvr4xxx, classified under CWE-260. CVSS score: 9.8/10. Published 2017-05-06.
How severe is CVE-2017-7925?
Critical severity. CVSS v3 base score is 9.8 out of 10.
Is CVE-2017-7925 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.