Cybersecurity researchers have discovered several critical security vulnerabilities in the firmware of Dahua’s Hero C1 smart camera series. If exploited, these vulnerabilities allow hackers to run malicious commands on the device remotely, effectively taking it over.
The vulnerabilities were found by security researchers at Bitdefender and were verified on a Dahua Hero C1 (DH-H4C) running firmware version V2.810.9992002.0.R (Build Date: 2024-01-23) with ONVIF version 21.06 and Web UI version V3.2.1.1452137. This was also the latest firmware version available for the camera at the time of testing.
Specifically, the following two vulnerabilities were discovered:
- CVE-2025-31700: A stack-based buffer overflow bug in the ONVIF handler on port 80. The vulnerability is rated 8.1 on the CVSS scale and can be exploited without authentication, allowing hackers to remotely overwrite the onboard memory and run malicious code on the device.
- CVE-2025-31701: This also has a CVSS score of 8.1 and affects an undocumented RPC upload endpoint. If exploited, hackers can overwrite global variables and intercept system calls via specially crafted data, enabling full remote code execution.

These vulnerabilities were reported to the Dahua security team in March 2025. The team then ran an internal audit and found that the IPC-1XXX Series, IPC-2XXX Series, IPC-WX Series, IPC-ECXX Series, SD3A Series, SD2A Series, SD3D Series, SDT2A Series, and SD2C Series with firmware versions older than April 16, 2025, were also vulnerable. Dahua’s team confirmed the reports as valid on April 1, 2025, and released patches for affected devices on July 7.
Dahua camera users are advised to apply the latest patches available as soon as possible and avoid exposing the web interface of the vulnerable models to the internet. Use of UPnP and port forwarding is also discouraged.
