Unauthenticated Un-Throttled ICMP Request Vulnerability in Dahua Software Products

Unauthenticated Un-Throttled ICMP Request Vulnerability in Dahua Software Products

CVE-2022-45434 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP request attack to the designated target host.

Learn more about our Cis Benchmark Audit For Server Software.