CVE-2022-45427EPSS p48.3%
CVE-2022-45427CVE-2022-45427
dahuasecurity / dss_express
Description
Some Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface, an attacker can upload arbitrary files.
Scoring
| CVSS | 7.2 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 0.70% probability of exploitation · percentile 48.3% · 2026-06-18T12:00:27Z |
| Last modified | 2026-06-17 |