CVE-2025-31700

HIGH

Dahua IPC and SD Series - Buffer Overflow via Malicious Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-31700. PoCs published by umair-aziz025.

AI-analyzed exploit summary The repository contains functional exploit scripts for multiple Dahua IP camera vulnerabilities, including authentication bypass (CVE-2021-33044/45) and buffer overflow DoS (CVE-2025-31700/01). The scripts are well-documented and include technical details about the vulnerabilities.

Description

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g., crashes) or remote code execution (RCE). Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation. However, denial-of-service (DoS) attacks remain a concern.

Exploits (1)

nomisec WORKING POC 2 stars

by umair-aziz025 · poc

https://github.com/umair-aziz025/dahua-cve-research

View Code ZIP pw:eip

The repository contains functional exploit scripts for multiple Dahua IP camera vulnerabilities, including authentication bypass (CVE-2021-33044/45) and buffer overflow DoS (CVE-2025-31700/01). The scripts are well-documented and include technical details about the vulnerabilities.

Classification

Working Poc 95%

Attack Type

Auth Bypass | Dos

Complexity

Moderate

Reliability

Reliable

Target: Dahua IP cameras (various models)

No auth needed

Prerequisites: network access to vulnerable Dahua devices · Python environment with 'requests' library

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts T1499 - Endpoint Denial of Service

devstral-2 · analyzed Mar 04, 2026 Full analysis →

References (1)

Core 1

Core References

Various Sources

https://www.dahuasecurity.com/aboutUs/trustedCenter/details/775

Scores

CVSS v3 8.1

EPSS 0.0080

EPSS Percentile 52.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (2)

Dahua/IPC Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, a

Dahua/SD Affected products include certain models from the SD3A, SD2A, SD3D, SDT2A, and SD2C series, and limi

Published Jul 23, 2025

Tracked Since Feb 18, 2026