{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T07:36:11.969","vulnerabilities":[{"cve":{"id":"CVE-2019-9676","sourceIdentifier":"cybersecurity@dahuatech.com","published":"2019-06-12T15:29:00.957","lastModified":"2024-11-21T04:52:05.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability."},{"lang":"es","value":"Vulnerabilidad de desbordamiento de búfer encontrada en algunos dispositivos de cámara IP Dahua IPC-HFW1XXX, IPC-HDW1XXX, IPC-HFW2XXX Compilación antes del 2018/11. La vulnerabilidad se encuentra en la función de redireccionamiento de la información de impresión del puerto serie, que no puede ser utilizada por las funciones básicas del producto. Después de que un atacante inicia sesión localmente, esta vulnerabilidad puede ser explotada para provocar el reinicio del dispositivo o la ejecución de código arbitrario. Dahua identificó los problemas de seguridad correspondientes en el proceso de auditoría de código estático, por lo que gradualmente eliminó esta función, que ya no está disponible en los dispositivos y software más nuevos. Dahua ha lanzado versiones de los productos afectados para corregir la vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2018-11","matchCriteriaId":"4BF3492E-5F52-4A3E-AF88-31C3C4594FCD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dahuasecurity:ipc-hfw1xxx:-:*:*:*:*:*:*:*","matchCriteriaId":"720C96F1-0285-483A-8C2F-C3028B0DC552"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2018-11","matchCriteriaId":"8D9ABD96-A931-4FB8-8BAE-4BC660746765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dahuasecurity:ipc-hdw1xxx:-:*:*:*:*:*:*:*","matchCriteriaId":"2B4B5CB1-F578-4A34-9134-909EB47A6A79"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2018-11","matchCriteriaId":"5FFD8AC9-7991-4D28-B95E-D0F49D255915"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dahuasecurity:ipc-hfw2xxx:-:*:*:*:*:*:*:*","matchCriteriaId":"317F6509-E1DE-43B5-934C-12A922B41DDD"}]}]}],"references":[{"url":"https://www.dahuasecurity.com/support/cybersecurity/details/617","source":"cybersecurity@dahuatech.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.dahuasecurity.com/support/cybersecurity/details/617","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}