Hackers could take over millions of Dahua CCTV cameras because of two critical flaws - here's how to stay safe

• Dahua CCTV flaws identified by Bitdefender affect over 100 popular security camera models
• Vulnerabilities allow remote code execution without authentication over local or internet connections
• Company urges firmware updates and network isolation to prevent exploitation

Researchers at Bitdefender have announced two critical vulnerabilities affecting a large number of Dahua smart cameras.

The flaws, which were patched in the most recent firmware update, could allow unauthenticated attackers to take full control of affected devices.

Dahua has confirmed that a total of 126 models were affected, including multiple IPC, SD, and DH series devices, not just the Hero C1 model first reported.

Patch now

The first of the vulnerabilities, CVE-2025-31700, is a buffer overflow flaw in Dahua camera firmware that can be triggered when the device processes specially crafted network packets. If exploited, it could cause the camera to crash or, in some cases, allow a remote attacker to ...