Dahua Hero C1 (DH-H4C)

Critical security vulnerabilities in Dahua surveillance cameras

Kamera, Dahua Hero C1, dahua sicherheitslücke, dahua kamera sicherheitslücke, dahua kamera, dahua kamera schwachstelle, Dahua, Überwachungskamera
Image source: sylv1rob1 / Shutterstock.com
LinkedInRedditWhatsAppPocket

Deutsch This article is also available in German.

Researchers from Bitdefender have discovered critical vulnerabilities in the firmware of Dahua cameras. Attackers could gain full access to the devices and misuse them for espionage or as part of a botnet.

Invisible threat in the network

The newly discovered vulnerabilities affect the Dahua Hero C1 (DH-H4C) smart camera and possibly other models from the Chinese manufacturer. The gaps in the firmware allow attackers to access the cameras unhindered via the network – without the need for authentication. Devices that are connected to the internet via UPnP or port forwarding are particularly at risk.

Ad

Full control for attackers

Two key vulnerabilities allow hackers to take over the system completely. The first vulnerability (CVE-2025-31700) is a classic stack-based buffer overflow in the ONVIF protocol module. Attackers can take control of CPU registers and return addresses by manipulating data. The second vulnerability affects the file upload handler. It allows attackers to inject and execute malicious code – remotely and without user interaction.

After a successful attack, the hackers gain root access to the device. Manipulated processes allow them to embed themselves permanently. This makes it considerably more difficult to detect and remove the malware.

Fast update is mandatory

Bitdefender has informed the manufacturer and Dahua is already working on fixing the problems. Firmware versions released after April 16, 2025 close the described gaps. Users should immediately check whether their cameras are up to date.

Ad

How to protect your devices

To reduce the risk of an attack, experts recommend not connecting the affected cameras to the Internet. UPnP should be deactivated and port forwarding disabled. An additional protective measure is to isolate the cameras in separate networks or VLANs to make it more difficult for a possible attack to spread.

Conclusion

Surveillance cameras such as those from Dahua have long been part of modern networks and are therefore potential gateways for cyber attacks. Regular security updates and a smart network configuration are crucial to keep this often underestimated danger under control.

Further information can be found in the Bitdefender analysis.

(vp/Bitdefender)


Ad

Weitere Artikel

OpenAI: GPT-4o returns after shaky GPT-5 start
Glencore takes over Canadian battery recycler Li-Cycle
Air France and KLM: Data leak via third-party provider
Trump demands resignation of Intel boss Lip-Bu Tan