CVE-2022-30560
moderate-risk
Published 2022-06-28
When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.
Do I need to act?
-
0.28% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10
High
NETWORK
/ HIGH complexity
Affected Products (20)
Ipc-Hdbw2431E-S-S2 Firmware
Ipc-Hdbw2831E-S-S2 Firmware
Ipc-Hdbw2230E-S-S2 Firmware
Ipc-Hdbw2831R-Zs-S2 Firmware
Ipc-Hdbw2831R-Zas-S2 Firmware
Ipc-Hdbw2531R-Zs-S2 Firmware
Ipc-Hdbw2531R-Zas-S2 Firmware
Ipc-Hdbw2531E-S-S2 Firmware
Ipc-Hdbw2431R-Zs-S2 Firmware
Ipc-Hdbw2431R-Zas-S2 Firmware
Ipc-Hdbw2231F-As-S2 Firmware
Ipc-Hdbw2231E-S-S2 Firmware
Ipc-Hdbw2231R-Zs-S2 Firmware
Ipc-Hdbw2231R-Zas-S2 Firmware
Ipc-Hfw2231M-As-I2-B-S2 Firmware
Ipc-Hfw2231T-As-S2 Firmware
Ipc-Hfw2231S-S-S2 Firmware
Ipc-Hfw2231T-Zs-S2 Firmware
Ipc-Hfw2231T-Zas-S2 Firmware
Ipc-Hfw2230S-S-S2 Firmware
Affected Vendors
References (2)
Vendor Advisory
https://www.dahuasecurity.com/support/cybersecurity/details/1017
Vendor Advisory
https://www.dahuasecurity.com/support/cybersecurity/details/1017
47
/ 100
moderate-risk
Severity
22/34 · High
Exploitability
1/34 · Minimal
Exposure
24/34 · High