Bitdefender has issued an urgent advisory to owners of Dahua security cameras, highlighting the need for immediate firmware updates following the discovery of two high-severity vulnerabilities. These flaws—tracked as CVE-2025-31700 and CVE-2025-31701, each with a CVSS severity score of 8.1—could enable unauthenticated attackers to gain full remote control over affected devices.
Details of the Vulnerabilities
Researchers at Bitdefender identified two buffer overflow vulnerabilities impacting several models within the Dahua camera lineup, with particular attention called to the Dahua Hero C1 (DH-H4C) smart camera. Additionally, at least nine other product series, including IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A, and SD2C, are reportedly affected.
- CVE-2025-31700 exists in the ONVIF protocol handler, where a specially crafted HTTP Host header can trigger a stack-based buffer overflow, enabling arbitrary code execution without authentication.
- CVE-2025-31701 pertains to an undocumented file upload endpoint, allowing malicious actors to manipulate certain HTTP headers. This can overwrite global variables, resulting in full, unauthenticated remote code execution.
Both vulnerabilities can be exploited locally or over the internet—especially if affected cameras are accessible via port forwarding or Universal Plug and Play (UPnP)—giving threat actors root-level control over compromised devices. Such access would let attackers install unsigned, persistent malware, severely complicating remediation efforts.
Impact and Affected Devices
Owners of any Dahua camera with firmware versions built before April 16, 2025, are urged to treat this advisory with the utmost seriousness. These devices are widely deployed in private homes as well as commercial environments such as retail venues, warehouses, casinos, and more. Users can determine the build date of their device firmware using the web interface by navigating to Settings > System Information > Version.
