A recent security bulletin highlights critical vulnerabilities affecting Dahua's IP cameras and network video recorders, necessitating immediate action from network administrators. Three significant issues have been identified: 1. CVE-2026-29114, a low-impact flaw with a CVSS score of 2.3, allows attackers to potentially create fraudulent certificates by exploiting a CA root certificate issue. 2.
CVE-2026-29115, with a CVSS score of 6.9, enables authenticated attackers to crash systems remotely, compromising surveillance feeds. 3. CVE-2026-29116, rated at 8.7, could allow unauthenticated attackers to send crafted packets, causing systems to reboot and disabling security cameras. To mitigate these vulnerabilities, affected device models must be updated promptly with the latest firmware.