Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An Attacker can access internal resources by concatenating links (URL) that conform to specific rules.
[
{
"vendor": "n/a",
"product": "DSS Professional, DSS Express, DHI-DSS7016D-S2/DHI-DSS7016DR-S2, DHI-DSS4004-S2",
"versions": [
{
"version": "V8.0.2, V8.0.4, V8.1",
"status": "affected"
}
]
}
]