- About Us
SQL injection vulnerability was found in Smart PSS Management System DH-NMS8100, it could be exploited to obtain some data information.
File download privilege escalation vulnerability was found in Smart PSS Management System DH-NMS8100, it could be exploited to obtain some system information.
SQL injection vulnerability
Base Score: 7.7（AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N）
Temporal Score: 6.7（E:P/RL:O/RC:C）
File download privilege escalation vulnerability
Base Score: 5.0（AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N）
Temporal Score: 4.5（E:P/RL:O/RC:C）
DH-NMS8100 product with software version General_NMS_Chn_IS_V3.06.001.R and earlier
Fixed software can be downloaded from Dahua website.
Customer shall contact Dahua local technical support for assistance in the upgrade process.
Dahua technical team will be available to advise and support the upgrade process. For any questions or concerns related to cybersecurity, please contact Dahua at email@example.com
© 2010-2019 Dahua Technology Co., Ltd