Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in additional consumption of platform server resources. Versions with Build time before April 2020 are affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dahua Web P2P control 信息泄露漏洞
Vulnerability Description
Dahua Web P2P control是中国大华(Dahua)公司的一套Dahua产品管理和视频查看软件。 Dahua Web P2P control中存在安全漏洞。攻击者可利用该漏洞获取Cloud Key信息,冒充客户来连接平台,消耗平台服务器资源。
CVSS Information
N/A
Vulnerability Type
N/A