Cybersecurity researchers have revealed the existence of critical security vulnerabilities within the firmware of Dahua smart cameras. These flaws, now patched, could have enabled unauthorized entities to gain control of susceptible devices.
The vulnerabilities specifically resided in the camera's ONVIF protocol and its file upload handlers, permitting unauthenticated attackers to remotely execute arbitrary commands, ultimately leading to a complete takeover of the affected hardware.