CVE-2025-31700

HIGH

Dahua - Buffer Overflow

Title source: llm

Description

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g., crashes) or remote code execution (RCE). Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation. However, denial-of-service (DoS) attacks remain a concern.

Exploits (1)

nomisec WORKING POC 2 stars

by umair-aziz025 · poc

https://github.com/umair-aziz025/dahua-cve-research

View Code ZIP pw:eip

References (1)

[Various Sources] https://www.dahuasecurity.com/aboutUs/trustedCenter/details/775

Scores

CVSS v3 8.1

EPSS 0.0032

EPSS Percentile 55.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (2)

Dahua/IPC Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, a

Dahua/SD Affected products include certain models from the SD3A, SD2A, SD3D, SDT2A, and SD2C series, and limi

Published Jul 23, 2025

Tracked Since Feb 18, 2026