Security researchers from Bitdefender have discovered two extremely critical vulnerabilities in Dahua security cameras. These vulnerabilities can turn your surveillance camera into a backdoor for hackers.
Dahua, the second-largest manufacturer of video surveillance cameras in the world after Hikvision, has confirmed that a total of 126 camera models are affected. These include the IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A, and SD2C series devices running firmware versions released before April 16, 2025.
Users can check the firmware version by logging into the web interface of the device and accessing Settings > System Information > Version.

Dahua is a popular brand in Vietnam. (Illustrative image)
Both of these vulnerabilities are classified as “buffer overflow” errors, which can be exploited by sending malicious packets, potentially leading to denial-of-service (DoS) attacks or remote code execution (RCE).
Specifically, CVE-2025-31700 is related to a buffer overflow in the Open Network Video Interface Forum (ONVIF) request handler, while CVE-2025-31701 is linked to an overflow in the RPC file upload handler.
According to Dahua, some cameras may have implemented protection mechanisms such as address space layout randomization (ASLR) to reduce the likelihood of successful RCE attacks. However, DoS attacks remain a significant concern.
As Dahua cameras are commonly used for video surveillance in retail stores, warehouses, and residential areas, these vulnerabilities could have severe consequences. Devices connected to the Internet via port forwarding or UPnP are at an elevated risk.
If the vulnerabilities are successfully exploited, an attacker could gain unauthorized access to the camera, bypass firmware integrity checks, and upload unsigned payloads, making remediation challenging.
Therefore, users should urgently update their firmware by visiting the official Dahua website, checking whether their camera model is among the 126 affected ones, and downloading the latest firmware update.
As a temporary measure (if updating is not immediately possible), it is recommended to disconnect the camera from direct Internet access, disable UPnP on the network router, and isolate the camera system on a separate network to minimize risk.
Both Bitdefender and Dahua emphasize that once vulnerability details become public, any unpatched devices connected to the Internet become prime targets for malicious actors.
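The firmware check and the exposure advice above can be applied to a whole camera fleet at once. The following Python triage is an added example, not code from Bitdefender or Dahua. It assumes a hypothetical inventory CSV in which each row records the series label, the firmware build date read from the web interface (in YYYY-MM-DD form, used here as a stand-in for the release date), and whether the device is reachable from the Internet. The column names and priority numbers are illustrative.

```python
import csv
import io
from datetime import date, datetime

# Series named in the article; Dahua's own list gives the 126 exact models.
AFFECTED_SERIES = {"IPC-1XXX", "IPC-2XXX", "IPC-WX", "IPC-ECXX",
                   "SD3A", "SD2A", "SD3D", "SDT2A", "SD2C"}
FIXED_FROM = date(2025, 4, 16)  # firmware released before this date is affected

# Constructed sample inventory (addresses, labels and dates are made up).
SAMPLE_INVENTORY = """ip,series,build_date,internet_exposed
10.20.0.11,IPC-2XXX,2024-11-02,yes
10.20.0.12,IPC-2XXX,2025-05-20,no
10.20.0.13,SD3A,2023-08-15,no
10.20.0.14,IPC-WX,,yes
10.20.0.15,OTHER,2022-01-10,yes
"""

def classify(row):
    """Return (priority, status) for one row; a lower priority means act first."""
    if (row.get("series") or "").strip().upper() not in AFFECTED_SERIES:
        return 4, "not in an affected series"
    exposed = (row.get("internet_exposed") or "").strip().lower() == "yes"
    try:
        built = datetime.strptime((row.get("build_date") or "").strip(),
                                  "%Y-%m-%d").date()
    except ValueError:
        # Missing or malformed date: never assume the device is patched.
        return (1 if exposed else 3), "firmware date unknown: check web interface"
    if built >= FIXED_FROM:
        return 4, "firmware dated on or after the cutoff"
    if exposed:
        return 0, "affected and Internet-exposed: isolate, then update"
    return 2, "affected: update firmware"

def triage(csv_text):
    """Return [(priority, ip, status)] with the most urgent devices first."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return sorted((p, r["ip"], s) for r in rows for p, s in [classify(r)])

if __name__ == "__main__":
    for priority, ip, status in triage(SAMPLE_INVENTORY):
        print(f"P{priority}  {ip:<12} {status}")
```

A series match only narrows the list; each flagged device still has to be confirmed against Dahua's list of affected models.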