CVE-2024-39945

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-703
View all →

Vulnerability Description

A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.

Related Vulnerabilities

CVE-2021-23261

MEDIUM
CVSS:4.9(Medium)

Authenticated administrators may override the system configuration file and cause a denial of service.

CWE-7032021

CVE-2021-42205

MEDIUM
CVSS:4.7(Medium)

ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that...

CWE-7032021

CVE-2021-25425

MEDIUM
CVSS:5.3(Medium)

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.

CWE-7032021

CVE-2022-23002

MEDIUM
CVSS:5.3(Medium)

When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The r...

CWE-7032022

CVE-2022-23003

MEDIUM
CVSS:5.3(Medium)

When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is...

CWE-7032022

CVE-2022-23004

MEDIUM
CVSS:5.3(Medium)

When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is...

CWE-7032022